1815 matches found
USN-7696-1 libssh vulnerabilities
Ronald Crane discovered that libssh incorrectly handled certain base64 conversions. An attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-4877 Ronald Crane discovered that libssh incorrectly handled the...
Security update for libssh
This update for libssh fixes the following issues: CVE-2025-4877: Fixed write beyond bounds in binary to base64 conversion functions bsc1245309. CVE-2025-4878: Fixed use of uninitialized variable in privatekeyfromfile bsc1245310. CVE-2025-5318: Fixed likely read beyond bounds in sftp server handl...
Linux Distros Unpatched Vulnerability : CVE-2025-8114
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failu...
Linux Distros Unpatched Vulnerability : CVE-2025-4878
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function. This flaw can be...
[SECURITY] Fedora 41 Update: libssh-0.11.2-1.fc41
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
Fedora: Security Advisory (FEDORA-2025-18e8506d3a)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 41 : libssh (2025-18e8506d3a)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-18e8506d3a advisory. New upstream release with security fixes for CVE-2025-4877, CVE-2025-4878, CVE-2025-5987, CVE-2025-5318, CVE-2025-5351, CVE-2025-5372, CVE-2025-5449...
CVE-2025-5449
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...
DEBIAN-CVE-2025-5449
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...
CVE-2025-5449
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...
CVE-2025-5449
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...
CVE-2025-5449
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...
CVE-2025-5449 Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...
CVE-2025-5449 Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash,...
CVE-2025-5449
CVE-2025-5449 affects libssh’s SFTP server message decoding. The root cause is an integer overflow caused by an incorrect packet length check, enabling overflow when processing large payloads on 32-bit systems. This leads to a failed memory allocation and can crash the server process, causing a d...
libssh 输入验证错误漏洞
libssh is a C development package from the libssh organization for accessing SSH services, which are capable of executing remote commands, file transfers, as well as providing a secure transport channel for remote programs. An input validation error vulnerability exists in libssh that stems from ...
NewStart CGSL MAIN 7.02 : libssh Vulnerability (NS-SA-2025-0184)
The remote NewStart CGSL host, running version MAIN 7.02, has libssh packages installed that are affected by a vulnerability: - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that...
SUSE CVE-2025-8114
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...
CVE-2025-8114
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...
AZL-66267 CVE-2025-8114 affecting package libssh for versions less than 0.10.6-5
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange KEX process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash...