Search for packages
| purl | pkg:deb/debian/golang-go.crypto@1:0.0~git20200221.2aa609c-1 |
| Tags | Ghost |
| Next non-vulnerable version | 1:0.17.0-1 |
| Latest non-vulnerable version | 1:0.17.0-1 |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8j9x-rjkk-c3d9
Aliases: CVE-2020-29652 GHSA-3vm4-22fp-5rfm |
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. An attacker can craft an authentication request message for the `gssapi-with-mic` method which will cause NewServerConn to panic via a nil pointer dereference if ServerConfig.GSSAPIWithMICConfig is nil. |
Affected by 4 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-08-01T20:12:29.971745+00:00 | Debian Oval Importer | Affected by | VCID-8j9x-rjkk-c3d9 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T18:07:03.559470+00:00 | Debian Oval Importer | Fixing | VCID-ax99-mn3q-nkhb | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T17:54:44.368533+00:00 | Debian Oval Importer | Fixing | VCID-aujr-3zyr-q3df | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |
| 2025-08-01T16:40:25.955736+00:00 | Debian Oval Importer | Fixing | VCID-sb3w-9mzd-ayc5 | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 37.0.0 |