VulnerableCode Package Details - pkg:pypi/paramiko@2.3.2

Search for packages

Vulnerability	Summary	Fixed by
VCID-6zuj-xf3s-nbf9 Aliases: CVE-2018-1000805 GHSA-f2j6-wrhh-v25m PYSEC-2018-69	Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.	2.3.3 Affected by 0 other vulnerabilities. 2.4.2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-6zuj-xf3s-nbf9
Aliases:
CVE-2018-1000805
GHSA-f2j6-wrhh-v25m
PYSEC-2018-69

Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via network connectivity.

2.3.3
Affected by 0 other vulnerabilities.

2.4.2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-3nbs-d4je-67fb	transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.	CVE-2018-7750 GHSA-232r-66cg-79px PYSEC-2018-19

Vulnerability

Summary

Aliases

VCID-3nbs-d4je-67fb

transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.

CVE-2018-7750
GHSA-232r-66cg-79px
PYSEC-2018-19

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-08-01T09:14:52.583362+00:00	GitLab Importer	Affected by	VCID-6zuj-xf3s-nbf9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-1000805.yml	37.0.0
2025-08-01T08:33:42.611121+00:00	PyPI Importer	Fixing	VCID-3nbs-d4je-67fb	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	37.0.0
2025-08-01T08:04:50.685495+00:00	GHSA Importer	Affected by	VCID-6zuj-xf3s-nbf9	https://github.com/advisories/GHSA-f2j6-wrhh-v25m	37.0.0
2025-07-31T12:27:14.430690+00:00	GHSA Importer	Fixing	VCID-3nbs-d4je-67fb	https://github.com/advisories/GHSA-232r-66cg-79px	37.0.0
2025-07-31T09:23:01.721230+00:00	GitLab Importer	Fixing	VCID-3nbs-d4je-67fb	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/paramiko/CVE-2018-7750.yml	37.0.0
2025-07-31T08:56:39.934234+00:00	GithubOSV Importer	Fixing	VCID-3nbs-d4je-67fb	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/07/GHSA-232r-66cg-79px/GHSA-232r-66cg-79px.json	37.0.0
2025-07-31T08:06:48.543688+00:00	Pypa Importer	Fixing	VCID-3nbs-d4je-67fb	https://github.com/pypa/advisory-database/blob/main/vulns/paramiko/PYSEC-2018-19.yaml	37.0.0