14 matches found
Moderate: Red Hat Security Advisory: libssh security update
An update for libssh is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
CVE-2026-0966 affecting package libssh for versions less than 0.10.6-7
CVE-2026-0966 affecting package libssh for versions less than 0.10.6-7. A patched version of the package is available...
CLSA-2026-1778068515 Fix CVE(s): CVE-2026-0966
SECURITY UPDATE: heap buffer underflow in sshgethexa on zero-length or NULL input, remotely reachable via GSSAPI authentication logging - debian/patches/CVE-2026-0966.patch: reject NULL/zero-length input in sshgethexa in src/dh.c - CVE-2026-0966: fix heap buffer underflow in sshgethexa...
CLSA-2026-1778003336 Fix CVE(s): CVE-2026-0966
SECURITY UPDATE: heap buffer underflow in sshgethexa when called with a NULL pointer or zero-length input - debian/patches/CVE-2026-0966.patch: add NULL/zero-length input validation in sshgethexa; add unit-test coverage - CVE-2026-0966...
CLSA-2026-1777939234 libssh: Fix of CVE-2026-0966
CVE-2026-0966: fix heap buffer underflow in sshgethexa on NULL or zero-length input, remotely reachable via GSSAPI authentication logging...
OPENSUSE-SU-2026:20647-1 Security update for libssh
This update for libssh fixes the following issues: - Update to version 0.11.4: - CVE-2026-0964: SCP Protocol Path Traversal in sshscppullrequest bsc1258049 - CVE-2026-0965: Possible Denial of Service when parsing unexpected configuration files bsc1258045 - CVE-2026-0966: Buffer underflow in...
OESA-2026-1562 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
OESA-2026-1559 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
Amazon Linux 2023 : libssh, libssh-config, libssh-devel (ALAS2023-2026-1461)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1461 advisory. libssh: Buffer underflow in sshgethexa on invalid input CVE-2026-0966 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not...
Important: libssh
Issue Overview: libssh: Buffer underflow in sshgethexa on invalid input CVE-2026-0966 Affected Packages: libssh Issue Correction: Run dnf update libssh --releasever 2023.10.20260302 or dnf update --advisory ALAS2023-2026-1461 --releasever 2023.10.20260302 to update your system. More information o...
openSUSE Security Advisory (SUSE-SU-2026:0779-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-8051-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2026-0966
A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...
Linux Distros Unpatched Vulnerability : CVE-2026-0966
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely b...