CVE-2025-8114

ADVISORY - nist

Summary

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.

EPSS Score⁠: 0.00022 (0.050)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-476⁠

NULL Pointer Dereference

ADVISORY - redhat

CWE-476⁠

NULL Pointer Dereference

Impacted images

Advisories

NIST

CREATED

6 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-8114⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-476⁠

CVSS SCORE

4.7medium

Alpine

CREATED

5 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-8114⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

6 months ago

UPDATED

9 days ago

ADVISORY IDCVE-2025-8114⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

6 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-8114⁠

EXPLOITABILITY SCORE

1.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.7low

Amazon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY IDALAS2023-2025-1264⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

6 months ago

UPDATED

3 days ago

ADVISORY IDCVE-2025-8114⁠

EXPLOITABILITY SCORE

1.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-476⁠

CVSS SCORE

4.7medium

Chainguard

CREATED

1 day ago

UPDATED

1 day ago

ADVISORY ID

CGA-cqj8-q5wg-rjf9

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY ID

MINI-h2jw-w98c-7x44

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY