CVE-2025-47913

HIGH7.5EPSS 0.02%

Potential denial of service in golang.org/x/crypto/ssh/agent

發布日:2025/11/13修改日:2026/5/21

也稱為:GHSA-56w8-48fp-6mgv RHSA-2026:0436 RHSA-2026:0437 RHSA-2026:0470 RHSA-2026:0545 RHSA-2026:0753 RHSA-2026:10703 RHSA-2026:1084 RHSA-2026:11749 RHSA-2026:12030 RHSA-2026:14868 RHSA-2026:16102 RHSA-2026:16701 RHSA-2026:16702 RHSA-2026:2769 RHSA-2026:4532 RHSA-2026:4693 RHSA-2026:5167 RHSA-2026:5222 RHSA-2026:8325CGA-w3q9-xwjj-575vGO-2025-4116

描述

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

受影響套件(2)

Debian/golang-go.cryptofrom 0
Go/golang.org/x/cryptofrom 0, < 0.43.0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

參考連結(4)