4 matches found
Vulnerability of the org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider class in the Java library for supporting SSH protocol by Apache SSHD, allowing a hacker to execute arbitrary code.
The vulnerability of the org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider class in the Java library for supporting SSH protocol Apache SSHD is related to deserialization mechanism flaws. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
SUSE CVE-2022-45047
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD = 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys ...
GHSA-FHW8-8J55-VWGQ Unsafe deserialization in Apache MINA SSHD
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD = 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys ...
Deserialization of untrusted data
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD = 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys ...