JLSEC-2025-189 An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access...

🗓️ 27 Oct 2025 15:45:54Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

An issue in function _libssh2_packet_add of libssh2 1.10.0 allows access to out of bounds memory.

Reporter	Title	Published	Views	Family All 75
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Planning Analytics	11 Feb 202620:17	–	ibm
IBM Security Bulletins	Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to out of bounds memory access due to the libssh2 package (CVE-2020-22218)	23 Jul 202513:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	16 Nov 202318:47	–	ibm
Tenable Nessus	Amazon Linux 2 : libssh2 (ALAS-2023-2257)	20 Sep 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : libssh2 (ALAS-2023-1834)	25 Sep 202300:00	–	nessus
Tenable Nessus	CentOS 7 : libssh2 (RHSA-2023:5615)	22 Dec 202300:00	–	nessus
Tenable Nessus	Debian dla-3559 : libssh2-1 - security update	8 Sep 202300:00	–	nessus
Tenable Nessus	F5 Networks BIG-IP : libssh2 vulnerability (K000138219)	12 Jan 202400:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: libssh2 (CVE-2020-22218)	28 Sep 202300:00	–	nessus
Tenable Nessus	MiracleLinux 7 : libssh2-1.8.0-4.el7.1 (AXSA:2023-6489:01)	20 Jan 202600:00	–	nessus

Source	Link
github	www.github.com/libssh2/libssh2/pull/476
lists	www.lists.debian.org/debian-lts-announce/2023/09/msg00006.html
security	www.security.netapp.com/advisory/ntap-20231006-0002/

06 Nov 2025 23:02Current

7High risk

Vulners AI Score7

CVSS 3.17.5

EPSS0.00078

SSVC

libssh2 packet add function out of bounds version 1.10.0