CVE-2025-70034
published 2026-03-09CVE-2025-70034: An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
PriorityP337high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
0.34%
25.7th percentile
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mscdex | ssh2 | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qrjm-6rpx-w2rx: An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4
ghsa_unreviewed·2026-03-09
CVE-2025-70034 GHSA-qrjm-6rpx-w2rx: An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
Red Hat
ssh2: ssh2: Denial of Service due to inefficient regular expression complexity
vendor_redhat·2026-03-09·CVSS 7.5
CVE-2025-70034 [HIGH] CWE-1333 ssh2: ssh2: Denial of Service due to inefficient regular expression complexity
ssh2: ssh2: Denial of Service due to inefficient regular expression complexity
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
A flaw was found in ssh2. This vulnerability, categorized as CWE-1333 (Inefficient Regular Expression Complexity), allows a remote attacker to cause a Denial of Service (DoS) by sending specially crafted input that triggers inefficient processing of regular expressions. This can lead to the affected component becoming unresponsive.
Package: rhdesktop/rh-podman-desktop-ext-bootc-rhel10 (Red Hat Build of Podman Desktop - Tech Preview) - Fix deferred
Package: rhdesktop/rh-podman-desktop-ext-rhel-rhel10 (Red Hat Build of Podman Desktop - Tech Preview) - Fix deferred
Package: rhdh/rhdh-hub-rhe
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2026-03-09
Published