Search for packages
| purl | pkg:rpm/redhat/python-paramiko@2.1.1-4?arch=el7 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-3jh2-znva-2bb6
Aliases: CVE-2018-7750 GHSA-232r-66cg-79px PYSEC-2018-19 |
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. | There are no reported fixed by versions. |
|
VCID-6ht6-jwwn-wuf4
Aliases: CVE-2018-1101 |
ansible-tower: Privilege escalation flaw allows for organization admins to obtain system privileges | There are no reported fixed by versions. |
|
VCID-cg26-agyn-rbf6
Aliases: CVE-2018-1104 |
ansible-tower: Remote code execution by users with access to define variables in job templates | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:25:48.067071+00:00 | RedHat Importer | Affected by | VCID-3jh2-znva-2bb6 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7750.json | 38.0.0 |
| 2026-04-01T14:25:07.139775+00:00 | RedHat Importer | Affected by | VCID-cg26-agyn-rbf6 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1104.json | 38.0.0 |
| 2026-04-01T14:25:07.009724+00:00 | RedHat Importer | Affected by | VCID-6ht6-jwwn-wuf4 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1101.json | 38.0.0 |