CVE-2025-58181
EUVD-2025-19822819.11.2025, 21:15
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| golang | crypto | 𝑥 < 0.45.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| golang-go.crypto |
| ||||||||||||||||
| google-guest-agent |
| ||||||||||||||||
| lxd |
| ||||||||||||||||
| snapd |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| apptainer |
| ||||||||||||
| apptainer-sle15_6 |
| ||||||||||||
| containerized-data-importer-manifests |
| ||||||||||||
| cosign |
| ||||||||||||
| cosign-bash-completion |
| ||||||||||||
| cosign-zsh-completion |
| ||||||||||||
| docker-buildx |
| ||||||||||||
| google-guest-agent |
| ||||||||||||
| kubevirt-manifests |
| ||||||||||||
| kubevirt-virtctl |
| ||||||||||||
| libsquashfuse0 |
| ||||||||||||
| squashfuse |
| ||||||||||||
| squashfuse-tools |
|
Amazon Linux Releases
Amazon Package | |||||
|---|---|---|---|---|---|
| amazon-cloudwatch-agent |
| ||||
| docker |
| ||||
| docker-debuginfo |
| ||||
| docker-debugsource |
| ||||
| nerdctl |
| ||||
| nerdctl-debuginfo |
| ||||
| runfinch-finch |
|