rpm package
suse/python-paramiko&distro=SUSE Linux Enterprise Module for Basesystem 15 SP3
pkg:rpm/suse/python-paramiko&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-24302 | — | < 2.4.2-150100.6.12.1 | 2.4.2-150100.6.12.1 | Mar 17, 2022 | In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. | ||
| CVE-2018-1000805 | Hig | 8.8 | < 2.4.3-150100.6.15.1 | 2.4.3-150100.6.15.1 | Oct 8, 2018 | Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity. |
- CVE-2022-24302Mar 17, 2022affected < 2.4.2-150100.6.12.1fixed 2.4.2-150100.6.12.1
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure.
- affected < 2.4.3-150100.6.15.1fixed 2.4.3-150100.6.15.1
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.