
33 matches found

GitHub Security Blog
added 2026/03/25 10:6 p.m. · 6 views

n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

Impact When the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server could intercept the connection and present a fraudulent host key,...

CVSS 7.4 · AI score 5.8 · EPSS 0.00017
Exploits 0 · References 3 · Affected Software 1
Cvelist
added 2026/03/25 6:26 p.m. · 21 views

CVE-2026-33724 n8n's Source Control SSH Configuration Uses StrictHostKeyChecking=no

n8n is an open source workflow automation platform. Prior to version 2.5.0, when the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker positioned between the n8n instance and the remote Git server...

CVSS 6.3 · EPSS 0.00017
Exploits 0 · References 1
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2021-0999

Malware in sbrugna...

CVSS 9.8 · AI score 9.2 · EPSS 0.00334
Exploits 1 · References 5
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2023-57969

Malicious code in bioql PyPI...

CVSS 5.3 · AI score 6.5 · EPSS 0.00537
Exploits 0 · References 6
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-47644

Malicious code in bioql PyPI...

CVSS 7.4 · AI score 6.4 · EPSS 0.00267
Exploits 0 · References 1
Vulnrichment
added 2025/09/29 8:38 p.m. · 1 views

CVE-2025-34207 Vasion Print (formerly PrinterLogic) Insecure SSH Client Configuration

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...

CVSS 7.9 · AI score 6.5 · EPSS 0.00147
Exploits 0 · References 4
Broadcom
added 2024/11/12 12:0 a.m. · 7 views

Brocade Fabric OS before 9.2.2 does not enforce strict host key checking

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle attackers to conduct remote Service Session Hijacking that may arise from the attacker's ability to forge an SSH key while the Brocade Fabric OS Switch is performing various remote operations initiated by a...

CVSS 7.1 · AI score 6.9 · EPSS 0.00203
Exploits 1
NVD
added 2024/09/09 10:15 a.m. · 14 views

CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

CVSS 7.4 · EPSS 0.00267
Exploits 0 · References 1
OSV
added 2024/09/09 10:15 a.m. · 1 views

CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

CVSS 6.3 · AI score 7
Exploits 0 · References 1
OSV
added 2024/09/09 10:15 a.m. · 0 views

UBUNTU-CVE-2024-6572

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

CVSS 7.4 · AI score 5.8 · EPSS 0.00267
Exploits 0 · References 2
Vulnrichment
added 2024/09/09 9:39 a.m. · 15 views

CVE-2024-6572 Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem'

Improper host key checking in active check 'Check SFTP Service' and special agent 'VNX quotas and filesystem' in Checkmk before Checkmk 2.3.0p15, 2.2.0p33, 2.1.0p48 and 2.0.0 EOL allows man-in-the-middle attackers to intercept traffic...

CVSS 6.3 · AI score 6.8 · EPSS 0.00267
Exploits 0 · References 1
Positive Technologies
added 2024/09/09 12:0 a.m. · 1 views

PT-2024-37728 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p15 Checkmk versions prior to 2.2.0p33 Checkmk versions prior to 2.1.0p48 Checkmk version 2.0.0 Description: The issue concerns improper host key checking in the active check 'Check SFTP Service' and the special...

CVSS 7.4 · AI score 7 · EPSS 0.00267
Exploits 0 · References 15
OpenSSL
added 2024/05/16 12:0 a.m. · 106 views

Vulnerability in OpenSSL - Excessive time spent checking DSA keys and parameters

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVP_PKEY_param_check or EVP_PKEY_public_check to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checke...

AI score 5.6 · EPSS 0.00092
Exploits 0 · Affected Software 1
Positive Technologies
added 2024/05/14 12:0 a.m. · 2 views

PT-2024-33190 · Satellite · Satellite

Name of the Vulnerable Software and Affected Versions: Satellite affected versions not specified Description: A vulnerability was found in Satellite where the host's SSH key is not being checked when running a remote execution job on a host. This is due to the use of "-o StrictHostKeyChecking=no"...

CVSS 6.8 · AI score 7.2 · EPSS 0.03041
Exploits 0 · References 5
RedHat Linux
added 2024/04/30 10:36 a.m. · 2 views

openssl: Excessive time spent checking DH keys and parameters

A vulnerability was found in OpenSSL. This security flaw occurs because the applications that use the DH_check, DH_check_ex, or EVP_PKEY_param_check functions to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an...

CVSS 5.3 · AI score 6.8 · EPSS 0.01027
Exploits 0 · References 5
Tenable Nessus
added 2024/02/20 12:0 a.m. · 53 views

Oracle Linux 8 : edk2 (ELSA-2024-0888)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0888 advisory. 20220126gitbb1bba3d77-6.el89.3 - edk2-Bumped-openssl-submodule-version-to-cf317b2bb227.patch RHEL-7560 - Resolves: RHEL-7560 CVE-2023-3446 edk2: openssl:...

CVSS 5.3 · AI score 6.5 · EPSS 0.01027
Exploits 0 · References 2
Tenable Nessus
added 2024/02/08 12:0 a.m. · 33 views

EulerOS 2.0 SP5 : shim-signed (EulerOS-SA-2024-1165)

According to the versions of the shim-signed package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact...

CVSS 5.3 · AI score 6.5 · EPSS 0.00537
Exploits 0 · References 2
Tenable Nessus
added 2024/01/16 12:0 a.m. · 38 views

EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1074)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary...

CVSS 5.3 · AI score 6.6 · EPSS 0.00537
Exploits 0 · References 2
Tenable Nessus
added 2023/08/23 12:0 a.m. · 34 views

Amazon Linux 2 : edk2 (ALAS-2023-2205)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2205 advisory. Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check, DH_check_ex or EVP_PKEY_param_check to check a DH key or DH paramete...

CVSS 5.3 · AI score 6.4 · EPSS 0.01027
Exploits 0 · References 4
Tenable Nessus
added 2023/08/09 12:0 a.m. · 17 views

SUSE SLES12 Security Update : openssl-1_1 (SUSE-SU-2023:3239-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3239-1 advisory. - Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions...

CVSS 5.3 · AI score 6.5 · EPSS 0.01027
Exploits 0 · References 4