CVE-2025-46807 HIGH

CVE-2025-46807: File Descriptor Exhaustion in sslh-select and sslh-ev triggers SEGFAULT

Vendor Https://Github.com/Yrutschle/Sslh/Releases/Tag/V2.2.4
Product sslh
Weakness CWE-770 · Uncontrolled resource consumption
Published June 2, 2025
Last update June 2, 2025

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A Allocation of Resources Without Limits or Throttling vulnerability in sslh allows attackers to easily exhaust the file descriptors in sslh and deny legitimate users service.This issue affects sslh before 2.2.4.

Key dates

02Disclosure timeline

June 2, 2025 CVE published
June 2, 2025 Record updated