5 matches found
EUVD-2023-0819
Malicious code in bioql PyPI...
golang.org/x/crypto/ssh Man-in-the-Middle attack
The Go SSH library golang.org/x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks if ClientConfig.HostKeyCallback is not set. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...
Golang Go SSH Library Security Bypass Vulnerability
Golang Go is a programming language optimized for programming applications on multiprocessor systems. A security bypass vulnerability exists in the Golang Go SSH Library. An attacker can exploit this vulnerability to perform a man-in-the-middle attack or emulate a trusted server...
UBUNTU-CVE-2017-3204
The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...
CVE-2017-3204
The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...