
6 matches found

Vulnrichment
added 2025/08/05 12:5 a.m. · 4 views

CVE-2025-54804 Russh is missing an overflow check during channel windows adjust

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an...

CVSS 6.5 · AI score 6.7 · EPSS 0.00369
Exploits: 1 · References: 2
CVE
added 2025/08/05 12:5 a.m. · 32 views

CVE-2025-54804

Russh is a Rust SSH client/server library. In versions ≤0.54.0, CHANNEL_WINDOW_ADJUST handling computes recipient_window_size from the decoded value without proper overflow checks, causing an integer overflow that can crash the server. The issue is fixed in version 0.54.1. Attacker impact is serv...

CVSS 6.5 · AI score 7 · EPSS 0.00369
Exploits: 1 · References: 2 · Affected Software: 2
Debian CVE
added 2025/08/05 12:5 a.m. · 4 views

CVE-2025-54804

Russh is a Rust SSH client & server library. In versions 0.54.0 and below, the channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an...

CVSS 6.5 · AI score 5.9 · EPSS 0.00369
Exploits: 1
OSV
added 2025/08/04 8:28 p.m. · 5 views

GHSA-H5RC-J5F5-3GCM russh is missing overflow checks during channel windows adjust

Summary: The channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an internal state value. This can result in an integer overflow. If the Rus...

CVSS 6.5 · AI score 6.6 · EPSS 0.00369
Exploits: 1 · References: 4
Github Security Blog
added 2025/08/04 8:28 p.m. · 6 views

russh is missing overflow checks during channel windows adjust

Summary: The channel window adjust message of the SSH protocol is used to track the free space in the receive buffer of the other side of a channel. The current implementation takes the value from the message and adds it to an internal state value. This can result in an integer overflow. If the Rus...

CVSS 6.5 · AI score 7.6 · EPSS 0.00369
Exploits: 1 · References: 4 · Affected Software: 1
Positive Technologies
added 2025/08/04 12:0 a.m. · 7 views

PT-2025-31887 · Russh · Russh

Name of the Vulnerable Software and Affected Versions: Russh versions 0.54.0 and earlier. Description: Russh is a Rust SSH client & server library. The implementation of the SSH protocol's channel window adjust message does not properly validate the incoming value, leading to a potential integer...

CVSS 6.5 · AI score 6.8 · EPSS 0.00369
Exploits: 1 · References: 10