ГлавнаяУязвимости → CVE-2025-15382
8.1высокая

CVE-2025-15382

Описание

A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte.

Затрагиваемое ПО
Wolfssh Wolfssh
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Источники
https://github.com/wolfSSL/wolfssh/pull/859