Lucene search
K

6 matches found

OSV
OSV
added 2026/05/11 9:1 a.m.10 views

CLSA-2026-1778490111 libssh: Fix of CVE-2026-0966

CVE-2026-0966: fix heap buffer underflow in sshgethexa on NULL or zero-length input, remotely reachable via GSSAPI authentication logging...

8.2CVSS6.7AI score0.00582EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 3:54 p.m.17 views

CLSA-2026-1778082886 libssh: Fix of CVE-2026-0966

CVE-2026-0966: avoid 1-byte heap buffer underflow in sshgethexa on NULL/zero-length input...

8.2CVSS6.7AI score0.00582EPSS
Exploits0References1
OSV
OSV
added 2026/05/06 11:55 a.m.11 views

CLSA-2026-1778068515 Fix CVE(s): CVE-2026-0966

SECURITY UPDATE: heap buffer underflow in sshgethexa on zero-length or NULL input, remotely reachable via GSSAPI authentication logging - debian/patches/CVE-2026-0966.patch: reject NULL/zero-length input in sshgethexa in src/dh.c - CVE-2026-0966: fix heap buffer underflow in sshgethexa...

8.2CVSS6.7AI score0.00582EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/03/26 8:6 p.m.2 views

CVE-2026-0966

A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...

8.2CVSS6.3AI score0.00582EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/02/13 12:0 a.m.5 views

CVE-2026-0966

A flaw was found in libssh. The API function sshgethexa is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI Generic Security Service Application Program Interface authentication if the server's logging verbosity is se...

8.2CVSS6.3AI score0.00582EPSS
Exploits0References4
Snyk
Snyk
added 2026/02/10 6:47 p.m.4 views

Buffer Underwrite (Buffer Underflow)

Overview Affected versions of this package are vulnerable to Buffer Underwrite Buffer Underflow in the sshgethexa function on invalid input. An attacker can cause a buffer underflow and potentially execute arbitrary code or crash the application by supplying specially crafted input. Workaround Th...

8.2CVSS7AI score0.00582EPSS
Exploits0References2
Rows per page
Query Builder