Resource Exhaustion Vulnerability in sslh Affects Numerous Users
CVE-2025-46807

8.7HIGH

Key Information:

Vendor

Https://github.com/yrutschle/sslh/releases/tag/v2.2.4

Status
Sslh
Vendor
CVE Published:
2 June 2025

Badges

👾 Exploit Exists📰 News Worthy

What is CVE-2025-46807?

A resource exhaustion vulnerability in sslh permits attackers to deplete available file descriptors, leading to service denial for legitimate users. This issue impacts versions of sslh prior to 2.2.4, allowing malicious actors to overwhelm the system's resources, disrupting normal operations and access.

Affected Version(s)

sslh ? < 2.2.4

News Articles

favicon imageGBHackers News

Critical sslh Vulnerabilities Allow Remote Denial-of-Service Attacks

CVE-2025-46807 and CVE-2025-46806, could allow remote attackers to crash sslh or render it unavailable, resulting in a denial-of-service (DoS) for legitimate users.

References

https://github.com/yrutschle/sslh/releases/tag/v2.2.4
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46807

CVSS V4

Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • 📰

    First article discovered by GBHackers News

  • Vulnerability published

  • Vulnerability Reserved

Credit

Matthias Gerstner, SUSE
.