CVE-2025-4658 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH d…
Critical CVSS: 9.3

CVE-2025-4658

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and would allow an attacker to bypass OPKSSH authentication.
Vendor
Openpubkey
Product
Openpubkey
CWE
CWE-305
Yayın Tarihi
2025-05-13 17:16:04
Güncelleme
2025-05-22 18:43:37
Source Identifier
cna@cloudflare.com
KEV Date Added
-

Kategoriler

CWE-305 Openpubkey CRITICAL Openpubkey 2025

Referanslar

https://github.com/openpubkey/opkssh