Lucene search
K

6 matches found

RedHat Linux
RedHat Linux
added 5 days ago9 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS6.1AI score0.00533EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 6 days ago6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS6.1AI score0.00533EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/25 10:18 p.m.11 views

EUVD-2026-31397

golang.org/x/crypto/ssh: Invoking client can cause server deadlock on unexpected responses...

9.1CVSS5.8AI score0.00533EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/25 12:7 a.m.6 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses

A flaw was found in golang.org/x/crypto/ssh. A remote malicious SSH peer can exploit this by sending unsolicited global request responses, which fills an internal buffer and blocks the connection's read loop. This prevents the associated resources from being released, leading to a resource leak p...

9.1CVSS6AI score0.00533EPSS
Exploits0References9
NVD
NVD
added 2026/05/22 4:16 a.m.18 views

CVE-2026-39830

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

9.1CVSS0.00533EPSS
Exploits0References28
OSV
OSV
added 2026/05/22 2:8 a.m.7 views

GO-2026-5017 Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

9.1CVSS5.8AI score0.00533EPSS
Exploits0References4
Rows per page
Query Builder