{"id":"CVE-2025-22869","details":"SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.","aliases":["GHSA-hcg3-q754-cr77","GO-2025-3487"],"modified":"2026-05-19T06:44:22.915273367Z","published":"2025-02-26T08:14:24.997Z","related":["ALSA-2025:3210","ALSA-2025:3833","ALSA-2025:7462","ALSA-2025:7484","CGA-299c-rxpx-5x42","SUSE-RU-2025:02091-1","SUSE-RU-2025:02092-1","SUSE-RU-2025:02093-1","SUSE-SU-2025:03540-1","SUSE-SU-2025:03545-1","SUSE-SU-2025:0770-1","SUSE-SU-2025:0980-1","SUSE-SU-2025:1014-1","SUSE-SU-2025:1017-1","SUSE-SU-2025:1018-1","SUSE-SU-2025:1036-1","SUSE-SU-2025:1037-1","SUSE-SU-2025:1038-1","SUSE-SU-2025:1062-1","SUSE-SU-2025:1094-1","SUSE-SU-2025:1102-1","SUSE-SU-2025:1332-1","SUSE-SU-2025:1333-1","SUSE-SU-2025:20184-1","SUSE-SU-2025:20198-1","SUSE-SU-2025:20205-1","SUSE-SU-2025:20210-1","SUSE-SU-2025:20279-1","SUSE-SU-2025:20328-1","SUSE-SU-2025:20360-1","SUSE-SU-2025:20373-1","SUSE-SU-2025:20377-1","SUSE-SU-2025:20393-1","SUSE-SU-2025:20869-1","SUSE-SU-2026:0439-1","SUSE-SU-2026:0592-1","SUSE-SU-2026:0972-1","SUSE-SU-2026:1118-1","SUSE-SU-2026:1763-1","SUSE-SU-2026:20626-1","SUSE-SU-2026:20641-1","openSUSE-SU-2025:0094-1","openSUSE-SU-2025:14839-1","openSUSE-SU-2025:14843-1","openSUSE-SU-2025:14877-1","openSUSE-SU-2025:14881-1","openSUSE-SU-2025:14883-1","openSUSE-SU-2025:14887-1","openSUSE-SU-2025:14900-1","openSUSE-SU-2025:14909-1","openSUSE-SU-2025:14918-1","openSUSE-SU-2025:14919-1","openSUSE-SU-2025:14923-1","openSUSE-SU-2025:14930-1","openSUSE-SU-2025:14932-1","openSUSE-SU-2025:14940-1","openSUSE-SU-2025:14985-1","openSUSE-SU-2025:14988-1","openSUSE-SU-2025:14990-1","openSUSE-SU-2025:15054-1","openSUSE-SU-2025:15220-1","openSUSE-SU-2025:15304-1","openSUSE-SU-2025:15305-1","openSUSE-SU-2025:15389-1","openSUSE-SU-2025:15454-1","openSUSE-SU-2025:15487-1","openSUSE-SU-2025:15763-1","openSUSE-SU-2025:20117-1","openSUSE-SU-2025:20143-1","openSUSE-SU-2025:20177-1","openSUSE-SU-2026:10230-1","openSUSE-SU-2026:20192-1","openSUSE-SU-2026:20305-1","openSUSE-SU-2026:20581-1","openSUSE-SU-2026:20620-1","openSUSE-SU-2026:20730-1"],"references":[{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20250411-0010/"},{"type":"ADVISORY","url":"https://pkg.go.dev/vuln/GO-2025-3487"},{"type":"FIX","url":"https://go.dev/cl/652135"},{"type":"FIX","url":"https://go.dev/issue/71931"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"0.35.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-22869.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}