VYPR

rpm package

suse/libssh2_org&distro=SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

pkg:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS

Vulnerabilities (3)

  • CVE-2023-48795MedDec 18, 2023
    affected < 1.11.0-150000.4.22.1fixed 1.11.0-150000.4.22.1

    The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end

  • CVE-2020-22218Aug 22, 2023
    affected < 1.9.0-150000.4.16.1fixed 1.9.0-150000.4.16.1

    An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.

  • CVE-2019-17498Oct 21, 2019
    affected < 1.11.0-150000.4.19.1fixed 1.11.0-150000.4.19.1

    In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive inf