Description

A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte.

Related CPE's

a

wolfssh

wolfssh

Vulnerable

References

https://github.com/wolfSSL/wolfssh/pull/859

Issue Tracking

Weaknesses

[email protected]

Secondary
CWE-125

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

8.1 · High

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2026-01-06T18:15:42.400Z

6 days ago

Last modified

2026-01-12T17:57:20.847Z

6 hours ago