VulnerableCode Package Details - pkg:deb/ubuntu/dropbear@2018.76-3

Search for packages

Package details: pkg:deb/ubuntu/dropbear@2018.76-3

Essentials
History (0)

purl	pkg:deb/ubuntu/dropbear@2018.76-3

Next non-vulnerable version	2019.78-2build1
Latest non-vulnerable version	2019.78-2build1
Risk	3.1

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-7jux-nuw2-aaak Aliases: CVE-2019-12953	Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599.	2019.78-2build1 Affected by 0 other vulnerabilities.
VCID-d4yt-814d-aaas Aliases: CVE-2018-15599	The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.	2018.76-4 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version