Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-6mw8-c4j3-m9rv

Опубликовано: 06 янв. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 5.1
CVSS3: 8.1

Описание

A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte.

A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte.

Ссылки

EPSS

Процентиль: 31%
0.00117
Низкий

5.1 Medium

CVSS4

8.1 High

CVSS3

CVE ID

CVE-2025-15382

Дефекты

CWE-125

Связанные уязвимости

nvd логотип

CVE-2025-15382

CVSS3: 8.1
nvd
около 1 месяца назад

A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte.

debian логотип

CVE-2025-15382

CVSS3: 8.1
debian
около 1 месяца назад

A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath( ...

EPSS

Процентиль: 31%
0.00117
Низкий

5.1 Medium

CVSS4

8.1 High

CVSS3

CVE ID

CVE-2025-15382

Дефекты

CWE-125