Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-2873 | 1 Wolfssh | 1 Wolfssh | 2025-12-05 | N/A | 9.1 CRITICAL |
| A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels without first performing user authentication, resulting in unauthorized access. | |||||
| CVE-2025-11624 | 1 Wolfssh | 1 Wolfssh | 2025-12-04 | N/A | 9.8 CRITICAL |
| Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than max handle size allowed. | |||||
| CVE-2025-11625 | 1 Wolfssh | 1 Wolfssh | 2025-12-04 | N/A | 9.8 CRITICAL |
| Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and leaking of clients credentials. | |||||
| CVE-2022-32073 | 1 Wolfssh | 1 Wolfssh | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR. | |||||