rpm package
suse/python-paramiko&distro=SUSE Enterprise Storage 3
pkg:rpm/suse/python-paramiko&distro=SUSE%20Enterprise%20Storage%203
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-7750 | Cri | 9.8 | < 1.15.2-2.6.1 | 1.15.2-2.6.1 | Mar 13, 2018 | transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing othe | |
| CVE-2013-7459 | Cri | 9.8 | < 1.15.2-2.3.1 | 1.15.2-2.3.1 | Feb 15, 2017 | Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. |
- affected < 1.15.2-2.6.1fixed 1.15.2-2.6.1
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing othe
- affected < 1.15.2-2.3.1fixed 1.15.2-2.3.1
Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py.