Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:35 a.m.7 views

CVE-2023-28113

russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those ...

5.9CVSS6.5AI score0.00617EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2023/03/16 12:0 a.m.9 views

CVE-2023-28113 russh may use insecure Diffie-Hellman keys

russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those ...

5.9CVSS5.5AI score0.00617EPSS
Exploits1References6
Cvelist
Cvelist
added 2023/03/16 12:0 a.m.27 views

CVE-2023-28113 russh may use insecure Diffie-Hellman keys

russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those ...

5.9CVSS5.7AI score0.00617EPSS
Exploits1References6
CVE
CVE
added 2023/03/16 12:0 a.m.84 views

CVE-2023-28113

Summary: The CVE-2023-28113 issue affects russh, a Rust SSH client/server library. The root cause is insufficient validation of Diffie-Hellman (DH) keys, allowing certain invalid DH public values (e, e

5.9CVSS5.5AI score0.00617EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder