CVE-2025-8114

ADVISORY - nist

Summary

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.

EPSS Score⁠: 0.00022 (0.050)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-476⁠

NULL Pointer Dereference

ADVISORY - redhat

CWE-476⁠

NULL Pointer Dereference

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.