Vulnerability Report: GO-2025-4116

SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

Affected Packages

  • Path
    Go Versions
    Symbols
  • before v0.43.0
    6 unexported affected symbols
    • agentKeyringSigner.Sign
    • agentKeyringSigner.SignWithAlgorithm
    • client.List
    • client.Sign
    • client.SignWithFlags
    • client.Signers

Aliases

References

Credits

  • Jakub Ciolek, Nicola Murino

Feedback

See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL