CVE-2019-3863

🗓️ 25 Mar 2019 17:52:10Reported by redhatType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 430 Views

A flaw in libssh2 before 1.8.1 allows for out of bounds memory write error

Reporter	Title	Published	Views	Family All 180
IBM Security Bulletins	Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in libssh2	7 Dec 202322:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM Application Framework v1 (CentOS6) is End of Life	14 Dec 202120:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Open Source vulnerabilities	10 Jan 202008:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by multiple vulnerabilities in libssh2	4 Jun 202015:26	–	ibm
IBM Security Bulletins	Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities (CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863)	16 Jul 201919:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM ToolsCenter Dynamic System Analysis (DSA) Preboot is affected by multiple vulnerabilities.	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabiliies in libssh2 affect PowerKVM	17 May 201916:05	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance	30 May 201921:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities	28 Oct 202017:16	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by multiple libssh2 vulnerabilities (CVE-2019-3863, CVE-2019-3857, CVE-2019-3856, CVE-2019-3855)	27 Jun 201908:35	–	ibm

NVD

Vulners

Node

libssh2 libssh2Range<1.8.1

Node

debian debian_linuxMatch8.0

Node

netapp ontap_select_deploy_administration_utilityMatch-

Node

opensuse leapMatch15.0

opensuse leapMatch42.3

Node

redhat enterprise_linux_desktopMatch7.0

redhat enterprise_linux_serverMatch7.0

redhat enterprise_linux_server_ausMatch7.6

redhat enterprise_linux_server_eusMatch7.6

redhat enterprise_linux_server_tusMatch7.6

redhat enterprise_linux_workstationMatch7.0

[
  {
    "product": "libssh2",
    "vendor": "The libssh2 Project",
    "versions": [
      {
        "status": "affected",
        "version": "1.8.1"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
lists	www.lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
lists	www.lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
access	www.access.redhat.com/errata/RHSA-2019:1652
access	www.access.redhat.com/errata/RHSA-2019:0679
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
lists	www.lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
debian	www.debian.org/security/2019/dsa-4431
access	www.access.redhat.com/errata/RHSA-2019:1791
security	www.security.netapp.com/advisory/ntap-20190327-0005/

19 Dec 2025 04:15Current

7High risk

Vulners AI Score7

CVSS 26.8

CVSS 37.5 - 8.8

EPSS0.08613

SSVC