Nixpkgs Security Tracker

Login with GitHub

Suggestion detail

Untriaged
(browse all)
Permalink CVE-2025-48038
created 4 months, 3 weeks ago
Unverified File Handles can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • *
  • <pkg:otp/ssh@*

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers