VYPR

rpm package

suse/libssh&distro=SUSE Linux Enterprise Module for Basesystem 15 SP1

pkg:rpm/suse/libssh&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1

Vulnerabilities (2)

  • CVE-2020-1730Apr 13, 2020
    affected < 0.8.7-10.12.1fixed 0.8.7-10.12.1

    A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the con

  • CVE-2019-14889Dec 10, 2019
    affected < 0.8.7-10.6.2fixed 0.8.7-10.6.2

    A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where