CVE-2025-14946

Source
https://cve.org/CVERecord?id=CVE-2025-14946
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14946.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-14946
Downstream
Related
Published
2025-12-19T13:02:38.342Z
Modified
2026-07-08T07:08:57.677911342Z
Severity
  • 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L CVSS Calculator
Summary
Libnbd: libnbd: arbitrary code execution via ssh argument injection through a malicious uri
Details

A flaw was found in libnbd. A malicious actor could exploit this by convincing libnbd to open a specially crafted Uniform Resource Identifier (URI). This vulnerability arises because non-standard hostnames starting with '-o' are incorrectly interpreted as arguments to the Secure Shell (SSH) process, rather than as hostnames. This could lead to arbitrary code execution with the privileges of the user running libnbd.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/14xxx/CVE-2025-14946.json",
    "cwe_ids": [
        "CWE-88"
    ],
    "cna_assigner": "redhat"
}
References

Affected packages

Git / gitlab.com/nbdkit/libnbd

Affected ranges

Type
GIT
Repo
https://gitlab.com/nbdkit/libnbd
Events
Introduced
Fixed
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "AFFECTED_FIELD",
    "extracted_events": [
        {
            "introduced": "1.22.0"
        },
        {
            "fixed": "1.22.5"
        },
        {
            "introduced": "1.23.0"
        },
        {
            "fixed": "1.23.9"
        }
    ]
}

Affected versions

v1.*
v1.22.0
v1.22.1
v1.22.2
v1.22.3
v1.22.4
v1.23.1
v1.23.2
v1.23.3
v1.23.4
v1.23.6
v1.23.7
v1.23.8

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-14946.json"