CVE-2025-22869

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

Open

LOW (2.6)

T
Tim Bastin detected CVE-2025-22869 with a risk of 2.6
main
System updated the risk assessment to 1.3
main
System recalculated raw risk assessment
T
Tim Bastin fixed CVE-2025-22869
main
T
Tim Bastin detected CVE-2025-22869 with a risk of 2.6
main
System updated the risk assessment from 2.6 to 1.3
main
System recalculated raw risk assessment
System updated the risk assessment from 1.3 to 2.6
main
System recalculated raw risk assessment
System detected CVE-2025-22869 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System removed scanner:
main
System removed scanner:
main
System detected CVE-2025-22869 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System detected CVE-2025-22869 with scanner: container-scanning github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning
main
System removed scanner:
main
T
Tim Bastin fixed CVE-2025-22869
main
System detected CVE-2025-22869 with a risk of 2.6
main
T
Tim Bastin fixed CVE-2025-22869
main
System detected CVE-2025-22869 with a risk of 2.6
main

Add a comment

Last calculated at:

Affected component

golang.org/x/crypto

Installed version:

0.32.0

Fixed in:

v0.35.0

Show in dependency graph

Quick Fix

Update all Dependencies

Update only golang.org/x/crypto