Search for packages
| purl | pkg:deb/debian/paramiko@2.4.2-0.1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-u5kv-fs72-aaar
Aliases: CVE-2022-24302 GHSA-f8q4-jwww-x3wv PYSEC-2022-166 |
In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. |
Affected by 0 other vulnerabilities. Affected by 2 other vulnerabilities. Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9k5y-a5st-aaap | Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity. |
CVE-2018-1000805
GHSA-f2j6-wrhh-v25m PYSEC-2018-69 |
| VCID-zx4q-ry22-aaam | transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. |
CVE-2018-7750
GHSA-232r-66cg-79px PYSEC-2018-19 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T14:59:58.095474+00:00 | Debian Oval Importer | Fixing | VCID-9k5y-a5st-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:49:32.114976+00:00 | Debian Oval Importer | Affected by | VCID-u5kv-fs72-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:01:29.670229+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-20T22:03:30.170026+00:00 | Debian Oval Importer | Fixing | VCID-9k5y-a5st-aaap | None | 36.1.3 |
| 2025-06-20T21:58:10.361118+00:00 | Debian Oval Importer | Affected by | VCID-u5kv-fs72-aaar | None | 36.1.3 |
| 2025-06-20T20:33:25.827139+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | None | 36.1.3 |
| 2025-06-08T12:47:45.152337+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.1.0 |
| 2025-06-08T07:53:21.216585+00:00 | Debian Oval Importer | Fixing | VCID-9k5y-a5st-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:43:42.206011+00:00 | Debian Oval Importer | Affected by | VCID-u5kv-fs72-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:56:24.581452+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-07T15:27:14.760797+00:00 | Debian Oval Importer | Fixing | VCID-9k5y-a5st-aaap | None | 36.1.0 |
| 2025-06-07T15:21:37.034659+00:00 | Debian Oval Importer | Affected by | VCID-u5kv-fs72-aaar | None | 36.1.0 |
| 2025-06-07T14:06:27.284195+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | None | 36.1.0 |
| 2025-04-12T22:26:53.102779+00:00 | Debian Oval Importer | Fixing | VCID-9k5y-a5st-aaap | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-12T18:34:40.199457+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 | 36.0.0 |
| 2025-04-08T06:25:45.735469+00:00 | Debian Oval Importer | Fixing | VCID-9k5y-a5st-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T05:16:10.299701+00:00 | Debian Oval Importer | Affected by | VCID-u5kv-fs72-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:28:17.112858+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-07T13:58:23.879509+00:00 | Debian Oval Importer | Fixing | VCID-9k5y-a5st-aaap | None | 36.0.0 |
| 2025-04-07T13:52:59.037337+00:00 | Debian Oval Importer | Affected by | VCID-u5kv-fs72-aaar | None | 36.0.0 |
| 2025-04-07T12:40:11.408307+00:00 | Debian Oval Importer | Fixing | VCID-zx4q-ry22-aaam | None | 36.0.0 |
| 2025-04-06T21:51:40.310220+00:00 | Debian Importer | Affected by | VCID-u5kv-fs72-aaar | None | 36.0.0 |
| 2025-02-20T18:13:12.061916+00:00 | Debian Importer | Affected by | VCID-u5kv-fs72-aaar | None | 35.1.0 |
| 2024-04-25T12:36:51.650943+00:00 | Debian Importer | Affected by | VCID-u5kv-fs72-aaar | None | 34.0.0rc4 |
| 2024-01-11T14:29:26.039638+00:00 | Debian Importer | Affected by | VCID-u5kv-fs72-aaar | None | 34.0.0rc2 |
| 2024-01-05T00:00:32.712338+00:00 | Debian Importer | Affected by | VCID-u5kv-fs72-aaar | None | 34.0.0rc1 |