45 matches found
Azure Linux 3.0 Security Update: libssh (CVE-2023-6004)
The version of libssh installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6004 advisory. - A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked...
Security Bulletin: IBM Storage Ceph is vulnerable to Injection in the RHEL UBI (CVE-2023-6004)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. CVE-2023-6004 This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. Vulnerability Details CVEID:CVE-2023-6004 DESCRIPTION: libssh could allow a local authenticated attacker to execute...
TencentOS Server 3: libssh (TSSA-2024:0219)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0219 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Security Bulletin: Vulnerability in libssh affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in libssh has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabilit...
Alibaba Cloud Linux 3 : 0119: libssh (ALINUX3-SA-2024:0119)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0119 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-6004: A flaw was found in libssh...
RLSA-2024:2504 Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
RockyLinux 9 : libssh (RLSA-2024:2504)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2504 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for...
CVE-2023-6004 affecting package libssh for versions less than 0.10.6-1
CVE-2023-6004 affecting package libssh for versions less than 0.10.6-1. An upgraded version of the package is available that resolves this issue...
Advisory ROSA-SA-2025-2674
software: libssh 0.9.8 OS: ROSA-CHROME packageevrstring: libssh-0.9.8-1 CVE-ID: CVE-2023-48795 BDU-ID: 2023-08853 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection negotiation process and...
Security Bulletin: Vulnerabilities in libssh (CVE-2023-6004, CVE-2023-6918) affect Power HMC.
Summary The libssh library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2023-6004 DESCRIPTION: libssh could allow a local authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.19 LTS, 12.0.1 LTS and 12.2.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...
RLSA-2024:3233 Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
libssh security update
0.9.6-14 - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol BPP - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...
ALSA-2024:3233 Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
Oracle Linux 9 : libssh (ELSA-2024-2504)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2504 advisory. 0.10.4-13 - Bump up the version so that the version in 9.3 is lower. - Resolves: RHEL-19310, RHEL-19691, RHEL-17245 Tenable has extracted the preceding...
Low: Red Hat Security Advisory: libssh security update
An update for libssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
ALSA-2024:2504 Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
RHEL 9 : libssh (RHSA-2024:2504)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2504 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...