CNNVD-202601-974 Information
Jan 06, 2026
cve
CNNVD ID
CNNVD-202601-974
Related CVE
- CNNVD Published: 2026-01-06
Description (Chinese)
wolfSSH是wolfSSL开源的一个小型、快速、可移植的 SSH 实现,包括对 SCP 和 SFTP 的支持。 wolfSSH存在安全漏洞,该漏洞源于wolfSSH_CleanPath函数存在堆缓冲区过度读取,可能导致堆越界读取。
Description (English)
WolfSSH is a small, fast, portable SSH from the WolfSSL open source, including support for SCP and SFTP. There is a security loophole in the WolfSSH, which stems from the overreading of stacks of buffer zones in the WolfSSH CleanPath function, which may lead to cross-border reading.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
wolfSSL
Published
2026-01-06
Last Modified
2026-02-24
References
https://github.com/wolfSSL/wolfssh/pull/859 https://access.redhat.com/security/cve/cve-2025-15382
Patch
https://www.wolfssl.com/download/
Share on: