Lucene search
K

23341 matches found

OSV
OSV
added 2025/07/04 6:15 a.m.7 views

AZL-64656 CVE-2025-5372 affecting package libssh for versions less than 0.10.6-2

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.7AI score0.00407EPSS
Exploits0References1
OSV
OSV
added 2025/07/04 6:15 a.m.7 views

AZL-64650 CVE-2025-5372 affecting package libssh for versions less than 0.10.6-2

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.7AI score0.00407EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 6:15 a.m.6 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS0.00407EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2025/07/04 6:15 a.m.5 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.7AI score0.00407EPSS
Exploits0References7
OSV
OSV
added 2025/07/04 6:15 a.m.5 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS5.7AI score0.00407EPSS
Exploits0References4
OSV
OSV
added 2025/07/04 6:15 a.m.2 views

DEBIAN-CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.3AI score0.00407EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/07/04 6:1 a.m.10 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.2AI score0.00407EPSS
Exploits0
CVE
CVE
added 2025/07/04 6:1 a.m.85 views

CVE-2025-5372

The CVE-2025-5372 issue affects libssh builds with OpenSSL

8.8CVSS6.7AI score0.00407EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/04 6:1 a.m.3 views

CVE-2025-5372 Libssh: incorrect return code handling in ssh_kdf() in libssh

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

5CVSS6.9AI score0.00407EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/07/04 6:1 a.m.12 views

CVE-2025-5372 Libssh: incorrect return code handling in ssh_kdf() in libssh

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

5CVSS0.00407EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2025/07/04 6:1 a.m.4 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.3AI score0.00407EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/07/04 6:1 a.m.4 views

CVE-2025-5372

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the sshkdf function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenl...

8.8CVSS6.2AI score0.00407EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/07/03 10:45 a.m.1 views

Security update for openssl-3

This update for openssl-3 fixes the following issues: CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

6CVSS7.3AI score0.00601EPSS
Exploits0References4
OSV
OSV
added 2025/07/03 10:28 a.m.2 views

SUSE-SU-2025:20464-1 Security update for openssl-3

This update for openssl-3 fixes the following issues: - CVE-2024-13176: Fixed timing side-channel in the ECDSA signature computation bsc1236136...

4.1CVSS6.4AI score0.00601EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/07/02 8:20 a.m.4 views

Security update for python-cryptography

This update for python-cryptography fixes the following issues: CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

6.3CVSS7.3AI score0.00452EPSS
Exploits0References4
OSV
OSV
added 2025/07/02 8:19 a.m.3 views

SUSE-SU-2025:20463-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2025-3416: openssl: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631...

3.7CVSS5.8AI score0.00452EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2025/07/02 12:0 a.m.3 views

OpenSSL Toolkit 3.2.5

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.2 release supported until 23rd November 2025...

7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/02 12:0 a.m.2 views

OpenSSL Toolkit 3.3.4

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.3 release supported until 9th April 2026...

6.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/07/02 12:0 a.m.3 views

OpenSSL Toolkit 3.4.2

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 3.4 release supported until 22nd October 2026...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/07/01 12:0 a.m.7 views

SUSE SLED15: himmelblau / himmelblau-sshd-config / libnss_himmelblau2 / etc (SUSE-SU-2025:02166-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02166-1 advisory. - CVE-2025-5791: Fixed using deprecated users crate bsc1244202 - CVE-2025-3416: Fixed use-After-Free in...

7.1CVSS5.9AI score0.00452EPSS
Exploits0References7
Rows per page
Query Builder