216.73.216.86

CVE-2025-40913

· Published 16/07/2025 14:15 · Modified 16/07/2025 21:15

Labels: CVE-2025-40913 2025-07-169b29abf9-4ab0-4765-b253-1875cd9b441eCVE-2025-40913

Essential information

Published
16/07/2025 14:15
Modified
16/07/2025 21:15
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CVSS metrics

Description

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow. Net::Dropbear embeds a version of the libtommath library that is susceptible to an integer overflow associated with CVE-2023-36328.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
9b29abf9-4ab0-4765-b253-1875cd9b441e
NVD
View on NVD

Affected products (CPE)

ProductCPE
net / dropbear cpe:2.3:a:net:dropbear:*:*:*:*:*:*:*:*
libtommath / libtommath cpe:2.3:a:libtommath:libtommath:*:*:*:*:*:*:*:*

References