VYPR
Moderate severityNVD Advisory· Published Nov 19, 2025· Updated Nov 20, 2025

Unbounded memory consumption in golang.org/x/crypto/ssh

CVE-2025-58181

Description

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
golang.org/x/cryptoGo
< 0.45.00.45.0

Affected products

5521

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.