CVE-2025-4878

ADVISORY - nist

Summary

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.

EPSS Score⁠: 0.00018 (0.031)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-416⁠

Use After Free

Impacted images

Advisories

NIST

CREATED

3 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

3.6low

Alpine

CREATED

4 months ago

UPDATED

15 days ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

4 months ago

UPDATED

15 days ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

4 months ago

UPDATED

2 months ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

2 months ago

UPDATED

1 month ago

ADVISORY IDALAS2023-2025-1155⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Photon

CREATED

2 months ago

UPDATED

2 months ago

ADVISORY ID

CVE-2025-4878

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high