CVE-2025-47913

Public on 2025-11-13
Modified on 2026-04-14
Description
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
6.5
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2023 git-lfs Pending Fix
Amazon Linux 2 - Docker Extra runfinch-finch 2026-05-14 ALAS2DOCKER-2026-117 Fixed
Amazon Linux 2023 runfinch-finch 2026-02-05 ALAS2023-2026-1420 Fixed
Amazon Linux 2023 runfinch-finch 2026-05-14 ALAS2023-2026-1671 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2025-47913 Mitre: CVE-2025-47913