2 matches found
PT-2026-36652
Name of the Vulnerable Software and Affected Versions Gitea affected versions not specified Description The built-in SSH server uses default configurations that advertise weak or broken key exchange, MAC, and host key algorithms. Specifically, the server supports the ecdh-sha2-nistp256,...
CVE-2022-29245 Weak private key generation in SSH.NET
SSH.NET is a Secure Shell SSH library for .NET. In versions 2020.0.0 and 2020.0.1, during an X25519 key exchange, the client’s private key is generated with System.Random. System.Random is not a cryptographically secure random number generator, it must therefore not be used for cryptographic...