{"api_version":"1","generated_at":"2026-04-24T21:46:31+00:00","cve":"CVE-2025-6395","urls":{"html":"https://cve.report/CVE-2025-6395","api":"https://cve.report/api/cve/CVE-2025-6395.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2025-6395","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2025-6395"},"summary":{"title":"Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()","description":"A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().","state":"PUBLISHED","assigner":"redhat","published_at":"2025-07-10 16:15:25","updated_at":"2026-04-23 18:16:22"},"problem_types":["CWE-476","CWE-476 NULL Pointer Dereference"],"metrics":[{"version":"3.1","source":"secalert@redhat.com","type":"Secondary","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","data":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"}},{"version":"3.1","source":"CNA","type":"CVSS","score":"6.5","severity":"MEDIUM","vector":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","data":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","version":"3.1"}}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html","name":"https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:22529","name":"https://access.redhat.com/errata/RHSA-2025:22529","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:16115","name":"https://access.redhat.com/errata/RHSA-2025:16115","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"http://www.openwall.com/lists/oss-security/2025/07/11/3","name":"http://www.openwall.com/lists/oss-security/2025/07/11/3","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:17415","name":"https://access.redhat.com/errata/RHSA-2025:17415","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376755","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2376755","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/security/cve/CVE-2025-6395","name":"https://access.redhat.com/security/cve/CVE-2025-6395","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:17361","name":"https://access.redhat.com/errata/RHSA-2025:17361","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:16116","name":"https://access.redhat.com/errata/RHSA-2025:16116","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:17181","name":"https://access.redhat.com/errata/RHSA-2025:17181","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:17348","name":"https://access.redhat.com/errata/RHSA-2025:17348","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://gitlab.com/gnutls/gnutls/-/issues/1718","name":"https://gitlab.com/gnutls/gnutls/-/issues/1718","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2025:19088","name":"https://access.redhat.com/errata/RHSA-2025:19088","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html","name":"https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html","refsource":"secalert@redhat.com","tags":[],"title":"","mime":"","httpstatus":"","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2025-6395","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6395","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","version":"unaffected 0:3.8.9-9.el10_0.14 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"unaffected 0:3.6.16-8.el8_10.4 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","version":"unaffected 0:3.6.16-8.el8_10.4 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"unaffected 0:3.8.3-6.el9_6.2 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","version":"unaffected 0:3.8.3-6.el9_6.2 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","version":"unaffected 0:3.7.6-21.el9_2.4 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","version":"unaffected 0:3.8.3-4.el9_4.4 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Ceph Storage 7","version":"unaffected sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Discovery 2","version":"unaffected sha256:435ba9959b793d46a63a74c343bb8c3ff68350496afec12cc5e894dfc40b7648 * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","version":"unaffected sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea * rpm","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","version":"","platforms":[]},{"source":"CNA","vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","version":"","platforms":[]}],"timeline":[{"source":"CNA","time":"2025-07-07T09:30:13.037Z","lang":"en","value":"Reported to Red Hat."},{"source":"CNA","time":"2025-07-10T07:56:53.029Z","lang":"en","value":"Made public."}],"solutions":[],"workarounds":[{"source":"CNA","title":"","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.","time":"","lang":"en"}],"exploits":[],"credits":[],"nvd_cpes":[],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2025","cve_id":"6395","cve":"CVE-2025-6395","epss":"0.000730000","percentile":"0.220820000","score_date":"2026-04-23","updated_at":"2026-04-24 00:02:49"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"metrics":[{"other":{"content":{"id":"CVE-2025-6395","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","timestamp":"2025-07-10T15:32:33.292878Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2025-07-10T16:02:39.265Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"},{"providerMetadata":{"dateUpdated":"2025-11-04T21:14:21.080Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"url":"https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html"},{"url":"http://www.openwall.com/lists/oss-security/2025/07/11/3"}],"title":"CVE Program Container"}],"cna":{"affected":[{"collectionURL":"https://www.gnutls.org/","defaultStatus":"unaffected","packageName":"libgnutls","versions":[{"lessThan":"3.8.10","status":"affected","version":"0","versionType":"semver"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:10.0"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 10","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.8.9-9.el10_0.14","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.6.16-8.el8_10.4","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 8","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.6.16-8.el8_10.4","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos","cpe:/a:redhat:enterprise_linux:9::appstream"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.8.3-6.el9_6.2","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos","cpe:/a:redhat:enterprise_linux:9::appstream"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 9","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.8.3-6.el9_6.2","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos","cpe:/a:redhat:rhel_e4s:9.2::appstream"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.7.6-21.el9_2.4","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream","cpe:/o:redhat:rhel_eus:9.4::baseos"],"defaultStatus":"affected","packageName":"gnutls","product":"Red Hat Enterprise Linux 9.4 Extended Update Support","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"0:3.8.3-4.el9_4.4","versionType":"rpm"}]},{"collectionURL":"https://catalog.redhat.com/software/containers/","cpes":["cpe:/a:redhat:ceph_storage:7::el9"],"defaultStatus":"affected","packageName":"rhceph/rhceph-7-rhel9","product":"Red Hat Ceph Storage 7","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe","versionType":"rpm"}]},{"collectionURL":"https://catalog.redhat.com/software/containers/","cpes":["cpe:/a:redhat:discovery:2::el9"],"defaultStatus":"affected","packageName":"discovery/discovery-ui-rhel9","product":"Red Hat Discovery 2","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"sha256:435ba9959b793d46a63a74c343bb8c3ff68350496afec12cc5e894dfc40b7648","versionType":"rpm"}]},{"collectionURL":"https://catalog.redhat.com/software/containers/","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"],"defaultStatus":"affected","packageName":"insights-proxy/insights-proxy-container-rhel9","product":"Red Hat Insights proxy 1.5","vendor":"Red Hat","versions":[{"lessThan":"*","status":"unaffected","version":"sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea","versionType":"rpm"}]},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:6"],"defaultStatus":"unknown","packageName":"gnutls","product":"Red Hat Enterprise Linux 6","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/o:redhat:enterprise_linux:7"],"defaultStatus":"unknown","packageName":"gnutls","product":"Red Hat Enterprise Linux 7","vendor":"Red Hat"},{"collectionURL":"https://access.redhat.com/downloads/content/package-browser/","cpes":["cpe:/a:redhat:openshift:4"],"defaultStatus":"affected","packageName":"rhcos","product":"Red Hat OpenShift Container Platform 4","vendor":"Red Hat"}],"datePublic":"2025-07-10T07:56:53.029Z","descriptions":[{"lang":"en","value":"A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite()."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Moderate"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-476","description":"NULL Pointer Dereference","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2026-04-23T15:41:40.684Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"RHSA-2025:16115","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:16115"},{"name":"RHSA-2025:16116","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:16116"},{"name":"RHSA-2025:17181","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:17181"},{"name":"RHSA-2025:17348","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:17348"},{"name":"RHSA-2025:17361","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:17361"},{"name":"RHSA-2025:17415","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:17415"},{"name":"RHSA-2025:19088","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:19088"},{"name":"RHSA-2025:22529","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2025:22529"},{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2025-6395"},{"name":"RHBZ#2376755","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2376755"},{"url":"https://gitlab.com/gnutls/gnutls/-/issues/1718"},{"url":"https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html"}],"timeline":[{"lang":"en","time":"2025-07-07T09:30:13.037Z","value":"Reported to Red Hat."},{"lang":"en","time":"2025-07-10T07:56:53.029Z","value":"Made public."}],"title":"Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()","workarounds":[{"lang":"en","value":"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}],"x_generator":{"engine":"cvelib 1.8.0"},"x_redhatCweChain":"CWE-476: NULL Pointer Dereference"}},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2025-6395","datePublished":"2025-07-10T15:20:46.031Z","dateReserved":"2025-06-20T06:26:20.649Z","dateUpdated":"2026-04-23T15:41:40.684Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.2"},"nvd":{"publishedDate":"2025-07-10 16:15:25","lastModifiedDate":"2026-04-23 18:16:22","problem_types":["CWE-476","CWE-476 NULL Pointer Dereference"],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.2}]},"configurations":[]},"legacy_mitre":{"record":{"CveYear":"2025","CveId":"6395","Ordinal":"1","Title":"Gnutls: null pointer dereference in _gnutls_figure_common_cipher","CVE":"CVE-2025-6395","Year":"2025"},"notes":[{"CveYear":"2025","CveId":"6395","Ordinal":"1","NoteData":"A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().","Type":"Description","Title":"Gnutls: null pointer dereference in _gnutls_figure_common_cipher"}]}}}