Critical severity · NVD Advisory · Published May 13, 2025 · Updated May 13, 2025
Authentication Bypass in OPKSSH
CVE-2025-4658
Description
Versions of the OpenPubkey library prior to 0.10.0 contain a vulnerability that allows a specially crafted JWS to bypass signature verification. Because OPKSSH depends on the OpenPubkey library for authentication, the vulnerability also applies to OPKSSH versions prior to 0.5.0, where it allows an attacker to bypass OPKSSH authentication.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/openpubkey/opkssh (Go) | < 0.5.0 | 0.5.0 |
Affected products
- ghsa-coords (2 versions): pkg:golang/github.com/openpubkey/opkssh, pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed; range: < 0.5.0 (+ 1 more)
- (no CPE) range: < 0.5.0
- (no CPE) range: < 0.0.20250515T200012-1.1
- OPKSSH/OPKSSH v5 Range: 0.1.0