Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:pypi/paramiko@2.3.2
purl pkg:pypi/paramiko@2.3.2
Next non-vulnerable version 2.3.3
Latest non-vulnerable version 3.4.0
Risk 4.4
Vulnerabilities affecting this package (1)
Vulnerability Summary Fixed by
VCID-9qz7-3cqa-tyd3
Aliases:
CVE-2018-1000805
GHSA-f2j6-wrhh-v25m
PYSEC-2018-69
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.
2.3.3
Affected by 0 other vulnerabilities.
2.4.2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-3jh2-znva-2bb6 transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. CVE-2018-7750
GHSA-232r-66cg-79px
PYSEC-2018-19

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T01:23:12.160588+00:00 GHSA Importer Affected by VCID-9qz7-3cqa-tyd3 https://github.com/advisories/GHSA-f2j6-wrhh-v25m 38.4.0
2026-04-16T01:20:45.183465+00:00 GHSA Importer Fixing VCID-3jh2-znva-2bb6 https://github.com/advisories/GHSA-232r-66cg-79px 38.4.0
2026-04-11T21:58:48.322814+00:00 GitLab Importer Affected by VCID-9qz7-3cqa-tyd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-1000805.yml 38.3.0
2026-04-11T21:57:03.764569+00:00 GitLab Importer Fixing VCID-3jh2-znva-2bb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-7750.yml 38.3.0
2026-04-11T12:52:33.666690+00:00 GHSA Importer Affected by VCID-9qz7-3cqa-tyd3 https://github.com/advisories/GHSA-f2j6-wrhh-v25m 38.3.0
2026-04-11T12:49:02.048495+00:00 GHSA Importer Fixing VCID-3jh2-znva-2bb6 https://github.com/advisories/GHSA-232r-66cg-79px 38.3.0
2026-04-02T22:12:06.725759+00:00 GitLab Importer Affected by VCID-9qz7-3cqa-tyd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-1000805.yml 38.1.0
2026-04-02T22:10:26.933257+00:00 GitLab Importer Fixing VCID-3jh2-znva-2bb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-7750.yml 38.1.0
2026-04-02T13:45:21.922191+00:00 GHSA Importer Affected by VCID-9qz7-3cqa-tyd3 https://github.com/advisories/GHSA-f2j6-wrhh-v25m 38.1.0
2026-04-02T13:43:32.447004+00:00 GHSA Importer Fixing VCID-3jh2-znva-2bb6 https://github.com/advisories/GHSA-232r-66cg-79px 38.1.0
2026-04-01T16:29:28.560842+00:00 GitLab Importer Affected by VCID-9qz7-3cqa-tyd3 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-1000805.yml 38.0.0
2026-04-01T15:56:28.425004+00:00 GHSA Importer Fixing VCID-3jh2-znva-2bb6 https://github.com/advisories/GHSA-232r-66cg-79px 38.0.0
2026-04-01T15:00:12.841082+00:00 PyPI Importer Fixing VCID-3jh2-znva-2bb6 https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip 38.0.0
2026-04-01T13:03:59.328521+00:00 GithubOSV Importer Fixing VCID-3jh2-znva-2bb6 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-232r-66cg-79px/GHSA-232r-66cg-79px.json 38.0.0
2026-04-01T12:47:50.995338+00:00 GitLab Importer Fixing VCID-3jh2-znva-2bb6 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-7750.yml 38.0.0
2026-04-01T12:41:41.641200+00:00 Pypa Importer Fixing VCID-3jh2-znva-2bb6 https://github.com/pypa/advisory-database/blob/main/vulns/paramiko/PYSEC-2018-19.yaml 38.0.0