CVE-2025-46807

A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4.

CVSS

No CVSS.

References

Link	Resource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46807
https://github.com/yrutschle/sslh/releases/tag/v2.2.4

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Una vulnerabilidad de asignación de recursos sin límites ni limitación en SSLH permite a los atacantes agotar fácilmente los descriptores de archivos en SSLH y negar el servicio a usuarios legítimos. Este problema afecta a SSLH anterior a la versión 2.2.4.

02 Jun 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-02 12:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-46807

Mitre link : CVE-2025-46807

CVE.ORG link : CVE-2025-46807

JSON object : View

Products Affected

No product.

CWE

CWE-770

Allocation of Resources Without Limits or Throttling

{"id": "CVE-2025-46807", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "meissner@suse.de", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-06-02T12:15:24.800", "references": [{"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46807", "source": "meissner@suse.de"}, {"url": "https://github.com/yrutschle/sslh/releases/tag/v2.2.4", "source": "meissner@suse.de"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "meissner@suse.de", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4."}, {"lang": "es", "value": "Una vulnerabilidad de asignaci\u00f3n de recursos sin l\u00edmites ni limitaci\u00f3n en SSLH permite a los atacantes agotar f\u00e1cilmente los descriptores de archivos en SSLH y negar el servicio a usuarios leg\u00edtimos. Este problema afecta a SSLH anterior a la versi\u00f3n 2.2.4."}], "lastModified": "2026-04-15T00:35:42.020", "sourceIdentifier": "meissner@suse.de"}