Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2025-2523)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

libssh: Incorrect Return Code Handling in ssh_kdf() in libssh

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

RHEL 9 : libssh (RHSA-2025:23024)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:23024 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect...

Unity Linux 20.1070e Security Update: libssh (UTSA-2025-991099)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991099 advisory. A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during the...

Oracle Linux 10 : libssh (ELSA-2025-21013)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21013 advisory. 0.11.1-4 - Rebuild due to broken build auto-tagging Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...

Alibaba Cloud Linux 3 : 0189: libssh (ALINUX3-SA-2025:0189)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0189 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-5372: A flaw was found in libssh versions...

AlmaLinux 8 : libssh (ALSA-2025:21977)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:21977 advisory. libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 Tenable has extracted the preceding description block directly from the AlmaLinux securit...

RockyLinux 8 : libssh (RLSA-2025:18286)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:18286 advisory. libssh: out-of-bounds read in sftphandle CVE-2025-5318 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...

Oracle Linux 9 : libssh (ELSA-2025-20943)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20943 advisory. 0.10.4-15 - Bump spec to make the 9.7 NVR higher than the 9.6 one 0.10.4-14 - Fix CVE-2025-5318 Resolves: RHEL-111732 Tenable has extracted the preceding...

Debian dla-4385 : libssh-4 - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4385 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4385-1 [email protected]...

Advisory ROSA-SA-2025-3107

Software: libssh 0.9.6 OS: ROSA Virtualization 2.1 packageevrstring: libssh-0.9.6-14.rv3 CVE-ID: CVE-2023-48795 BDU-ID: 2023-08853 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the SSH protocol implementation is related to the ability to adjust packet sequence numbers during the connection...

JLSEC-2025-332 A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with th...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

ROS-20251128-01

A vulnerability in the firstkexpacketfollows function of the libssh library is related to a lack of memory release memory after an effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service...

Debian: Security Advisory (DLA-4385-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4385-1] libssh security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4385-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 27, 2025 https://wiki.debian.org/LTS -...

DLA-4385-1 libssh - security update

Bulletin has no description...

Security Bulletin: Vulnerabilities in multiple components affect IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary Vulnerabilities in libssh, iputils, glib2, libtasn1 and gnutls components affect IBM Storage Virtualize products and could cause denial of service and confidentiality impacts. CVE-2025-47268 CVE-2025-4373 CVE-2024-12133 CVE-2025-48964 CVE-2024-12243. Vulnerability Details...

RHSA-2025:21977 Red Hat Security Advisory: libssh security update

Bulletin has no description...