Search for packages
| purl | pkg:maven/org.apache.sshd/sshd@2.9.3 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-r4e4-u4s6-63gc | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks. This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10 |
CVE-2023-35887
GHSA-mjmq-gwgm-5qhm |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T22:33:31.983147+00:00 | GitLab Importer | Fixing | VCID-r4e4-u4s6-63gc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.sshd/sshd/CVE-2023-35887.yml | 38.4.0 |
| 2026-04-11T23:52:30.118629+00:00 | GitLab Importer | Fixing | VCID-r4e4-u4s6-63gc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.sshd/sshd/CVE-2023-35887.yml | 38.3.0 |
| 2026-04-02T23:55:41.280045+00:00 | GitLab Importer | Fixing | VCID-r4e4-u4s6-63gc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.sshd/sshd/CVE-2023-35887.yml | 38.1.0 |
| 2026-04-01T12:51:32.659555+00:00 | GitLab Importer | Fixing | VCID-r4e4-u4s6-63gc | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.apache.sshd/sshd/CVE-2023-35887.yml | 38.0.0 |