Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (9)
| Vulnerability |
Summary |
Aliases |
|
VCID-97nz-s1q6-x3fc
|
Out-of-bounds Read
An out-of-bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
|
CVE-2019-3861
|
|
VCID-bcba-qntz-gkez
|
Out-of-bounds Write
A flaw was found in libssh2 A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out-of-bounds memory write error.
|
CVE-2019-3863
|
|
VCID-f1me-9vqd-j7f6
|
Out-of-bounds Write
An integer overflow flaw which could lead to an out-of-bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
|
CVE-2019-3855
|
|
VCID-gv2u-298u-jkcv
|
Out-of-bounds Read
An out-of-bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
|
CVE-2019-3859
|
|
VCID-k1js-k8q3-ekb2
|
Out-of-bounds Read
An out-of-bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
|
CVE-2019-3860
|
|
VCID-mevw-g6yq-eqa8
|
Out-of-bounds Write
An integer overflow flaw which could lead to an out-of-bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
|
CVE-2019-3857
|
|
VCID-qjzc-2hvn-2qg3
|
Out-of-bounds Write
An integer overflow flaw, which could lead to an out-of-bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
|
CVE-2019-3856
|
|
VCID-rv81-jwkz-w7b5
|
Out-of-bounds Read
An out-of-bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
|
CVE-2019-3858
|
|
VCID-sy5b-nfqk-6ucm
|
Out-of-bounds Read
An out-of-bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
|
CVE-2019-3862
|