CVE-2025-70034
Analyzed - Analysis Complete
Inefficient Regex Complexity in mscdex ssh2 v

Publication date: 2026-03-09

Last updated on: 2026-05-06

Assigner: MITRE

Description
An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in mscdex ssh2 v1.17.0.
Meta Information
Published: 2026-03-09
Last Modified: 2026-05-06
Generated: 2026-05-07
AI Q&A: 2026-03-09
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 1 associated CPE
Vendor: mscdex
Product: ssh2
Version / Range: 1.17.0
CWE ID: CWE-1333
Description: The product uses a regular expression with an inefficient, possibly exponential worst-case computational complexity that consumes excessive CPU cycles.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-70034 is a vulnerability found in the mscdex ssh2 library version 1.17.0. It is related to CWE-1333, which concerns Inefficient Regular Expression Complexity. The issue arises because the library uses inefficient regular expressions that can consume excessive system resources when processing specially crafted malicious input.

This excessive resource consumption can lead to a denial of service (DoS) condition, where the system becomes overwhelmed and unable to function properly due to the complex evaluation of the malicious input.


How can this vulnerability impact me?

The primary impact of this vulnerability is a potential denial of service (DoS) attack. An attacker can exploit the inefficient regular expressions in the mscdex ssh2 library by sending specially crafted input that causes the system to consume excessive resources.

This resource exhaustion can degrade system performance or cause the application or server using the ssh2 library to become unresponsive or crash, disrupting normal operations.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

CVE-2025-70034 is caused by inefficient regular expression complexity in the mscdex ssh2 library version 1.17.0, which can lead to excessive resource consumption and potential denial of service when processing specially crafted input.

Detection on your network or system would involve monitoring for unusual resource usage or denial of service symptoms when the vulnerable ssh2 library is in use.

Since the vulnerability is in a specific library version, one practical detection step is to identify if mscdex ssh2 version 1.17.0 is present in your environment.

  • Check installed npm packages for ssh2 version 1.17.0 using: npm list ssh2
  • Monitor system resource usage (CPU, memory) for processes using the ssh2 library, especially under suspicious or heavy SSH traffic.
  • Use network monitoring tools to detect abnormal SSH session behavior or repeated failed connections that might trigger the vulnerability.
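
The version check above can also be run against a lockfile, which catches copies of ssh2 pulled in transitively and works without installed node_modules. The following is an added example, not code from this page or from the ssh2 project; the sample lockfile and the package name deploy-tool are constructed, and only 1.17.0 is flagged because that is the only version this record lists.

```javascript
// Locate every installed copy of ssh2 in a parsed package-lock.json and flag
// the version named in CVE-2025-70034. Pass JSON.parse(<lockfile text>) as `lock`.
const AFFECTED_VERSION = '1.17.0'; // the only version this CVE record lists

function findSsh2(lock) {
  const hits = [];
  // lockfileVersion 2 and 3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    // Match the exact package name so that e.g. ssh2-streams is not reported.
    if (path === 'node_modules/ssh2' || path.endsWith('/node_modules/ssh2')) {
      hits.push({ path, version: meta.version });
    }
  }
  // lockfileVersion 1: nested "dependencies" tree, walked only when "packages" is absent.
  if (!lock.packages) {
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps || {})) {
        const path = `${prefix}node_modules/${name}`;
        if (name === 'ssh2') hits.push({ path, version: meta.version });
        walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, '');
  }
  return hits.map(h => ({ ...h, affected: h.version === AFFECTED_VERSION }));
}

// One report line per copy found.
function report(lock) {
  return findSsh2(lock).map(
    h => `${h.affected ? 'AFFECTED' : 'ok      '} ssh2@${h.version} at ${h.path}`
  );
}

// Constructed sample lockfile (not from a real project): a direct dependency at
// another version, a transitive copy at the listed version, and a similarly
// named package that must not match.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '0.0.1' },
    'node_modules/ssh2': { version: '1.16.0' },
    'node_modules/deploy-tool/node_modules/ssh2': { version: '1.17.0' },
    'node_modules/ssh2-streams': { version: '0.4.10' },
  },
};

console.log(report(sampleLock).join('\n'));
```

A copy reported as "ok" only means its version differs from the one listed in this record.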

What immediate steps should I take to mitigate this vulnerability?

To mitigate CVE-2025-70034, the primary step is to avoid using the vulnerable version 1.17.0 of the mscdex ssh2 library.

If possible, upgrade to a later version of the ssh2 library where this inefficient regular expression complexity issue has been addressed.

If an upgrade is not immediately possible, consider implementing resource limits on processes using the ssh2 library to reduce the impact of potential denial of service.

Additionally, monitor and restrict incoming SSH traffic to trusted sources to reduce exposure to malicious input triggering the vulnerability.

