apk package
wolfi/libssh-dev
pkg:apk/wolfi/libssh-dev
Vulnerabilities (8)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-14821 | Hig | 7.8 | < 0.12.0-r2 | 0.12.0-r2 | Apr 7, 2026 | A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communi | |
| CVE-2025-8114 | Med | 4.7 | < 0.11.3-r0 | 0.11.3-r0 | Jul 24, 2025 | A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to cra | |
| CVE-2025-5987 | — | < 0.11.3-r0 | 0.11.3-r0 | Jul 7, 2025 | A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returne | ||
| CVE-2025-5318 | — | < 0.11.3-r0 | 0.11.3-r0 | Jun 24, 2025 | A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, w | ||
| CVE-2023-6004 | — | < 0.10.6-r0 | 0.10.6-r0 | Jan 3, 2024 | A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter. | ||
| CVE-2023-6918 | — | < 0.10.6-r0 | 0.10.6-r0 | Dec 18, 2023 | A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or | ||
| CVE-2023-48795 | Med | 5.9 | < 0.10.6-r0 | 0.10.6-r0 | Dec 18, 2023 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end | |
| CVE-2023-3603 | — | < 0 | 0 | Jul 21, 2023 | A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely cras |
- affected < 0.12.0-r2fixed 0.12.0-r2
A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation of trusted host information, posing a significant risk to the confidentiality, integrity, and availability of SSH communi
- affected < 0.11.3-r0fixed 0.11.3-r0
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to cra
- CVE-2025-5987Jul 7, 2025affected < 0.11.3-r0fixed 0.11.3-r0
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returne
- CVE-2025-5318Jun 24, 2025affected < 0.11.3-r0fixed 0.11.3-r0
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, w
- CVE-2023-6004Jan 3, 2024affected < 0.10.6-r0fixed 0.10.6-r0
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.
- CVE-2023-6918Dec 18, 2023affected < 0.10.6-r0fixed 0.10.6-r0
A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The return values from these were not properly checked, which could cause low-memory situations failures, NULL dereferences, crashes, or
- affected < 0.10.6-r0fixed 0.10.6-r0
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end
- CVE-2023-3603Jul 21, 2023affected < 0fixed 0
A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely cras