5 matches found
MiracleLinux 8 : libssh-0.9.6-14.el8 (AXSA:2024-8172:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8172:04 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values fo...
MiracleLinux 9 : libssh-0.10.4-13.el9 (AXSA:2024-7773:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7773:03 advisory. libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values fo...
Insufficient Verification Of Data Authenticity
github.com/regclient/regclient is vulnerable to Insufficient Verification Of Data Authenticity. The vulnerability is due to missing digest checks which allows a malicious registry to return a different digest for a pinned manifest without detection...
RLSA-2024:3233 Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...
Low: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...