CVE-2025-4658

Published: May 13, 2025

Modified: May 13, 2025

PUBLISHED

Description

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and would allow an attacker to bypass OPKSSH authentication.

Vendor	Product	Versions
OPKSSH	OPKSSH	affected `0.1.0 - <= 0.4.0`

Weaknesses (CWE)

CWE-305

References

https://github.com/openpubkey/opkssh

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-4658

Description

Affected Products

Weaknesses (CWE)

References