CVE-2025-52936

Name
CVE-2025-52936
Description
Improper Link Resolution Before File Access ('Link Following') vulnerability in yrutschle sslh.This issue affects sslh: before 2.2.2.
NVD Severity
high
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
patch https://github.com/yrutschle/sslh/pull/494
af854a3a-2127-422b-91ae-364da2661108 https://lists.debian.org/debian-lts-announce/2025/07/msg00001.html

Match rules

CPE URI Source package Min version Max version
sslh >= 0 < 2.2.2

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
sslh edge-community 2.1.2-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
sslh edge-community 2.1.2-r1 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
sslh edge-community 2.1.4-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
sslh edge-community 2.1.4-r1 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
sslh 3.22-community 2.1.2-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable
sslh 3.22-community 2.1.4-r0 Francesco Colista <fcolista@alpinelinux.org> possibly vulnerable