CVE-2025-4878

ADVISORY - nist

Summary

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.

EPSS Score⁠: 0.002 (0.418)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-416⁠

Use After Free

ADVISORY - redhat

CWE-416⁠

Use After Free

Impacted images

Advisories

NIST

CREATED

10 months ago

UPDATED

9 days ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

3.6low

Alpine

CREATED

11 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

11 months ago

UPDATED

29 days ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

11 months ago

UPDATED

9 months ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

9 days ago

UPDATED

2 days ago

ADVISORY IDALSA-2026:18683⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

9 months ago

UPDATED

9 months ago

ADVISORY IDALAS2023-2025-1155⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

11 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2025-4878⁠

EXPLOITABILITY SCORE

1.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

3.6low

Photon

CREATED

9 months ago

UPDATED

7 months ago

ADVISORY ID

CVE-2025-4878

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

3.6low