CVE-2025-46806 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
suse	CNA	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 29%

Debian Releases

Debian Product

Codename

sslh

bullseye (security)	1.20-1+deb11u1 fixed
trixie	no-dsa
bookworm	1.20-1 not-affected
bullseye	1.20-1 not-affected
forky	vulnerable
sid	vulnerable

Ubuntu Releases

Ubuntu Product

Codename

sslh

questing	needs-triage
plucky	ignored
oracular	ignored
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

Common Weakness Enumeration

CWE-823 - Use of Out-of-range Pointer Offset
The program performs pointer arithmetic on a valid pointer, but it uses an offset that can point outside of the intended range of valid memory locations for the resulting pointer.

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46806

https://github.com/yrutschle/sslh/releases/tag/v2.2.4