798 matches found
[SECURITY] Fedora 43 Update: libssh2-1.11.1-6.fc43
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
Fedora 43 : libssh2 (2026-1b9134cdc9)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-1b9134cdc9 advisory. This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password...
[SECURITY] Fedora 44 Update: libssh2-1.11.1-6.fc44
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
Fedora 44 : libssh2 (2026-f87ac8187c)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f87ac8187c advisory. This update addresses CVE-2026-7598, a potential heap buffer overflow, which could be triggered remotely by supplying very long username and/or password...
Ubuntu 24.04 LTS / 25.10 / 26.04 LTS : libssh2 vulnerability (USN-8309-1)
The remote Ubuntu 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8309-1 advisory. It was discovered that libssh2 incorrectly handled username and password length values during SSH password authentication. A remote attacker...
Critical Photon OS Security Update - PHSA-2026-5.0-0857
Updates of 'rubygem-nokogiri', 'glibc', 'libssh2', 'strongswan' packages of Photon OS have been released...
USN-8309-1: libssh2 vulnerability
It was discovered that libssh2 incorrectly handled username and password length values during SSH password authentication. A remote attacker could possibly use this issue to cause a denial of service...
Astra Linux - уязвимость в libssh2
A vulnerability was discovered in the function libssh2packetadd in libssh2 1.10.0, allowing attackers to access out-of-bound memory...
Astra Linux - уязвимость в libssh2
The vulnerability of the libssh2packetadd function in the packet.c component of the SSH2 implementation library Libssh2 is related to insufficient input validation. Exploiting this vulnerability allows a remote attacker to cause service interruptions...
Astra Linux - уязвимость в libssh2
The vulnerability of the libssh2ntohu32 function in the SSH2 protocol implementation library Libssh2 involves reading data beyond the allowable buffer size. Exploiting this vulnerability allows a remote attacker to gain access to confidential data and also cause service failures...
Astra Linux - уязвимость в libgit2
libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Previous versions of libgit2 required the caller to set the certificatecheck field of the libgit2’s...
Astra Linux - уязвимость в libssh2
In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, allowing an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A malicious SSH server may be able to disclose sensitive information or cause a...
Astra Linux - уязвимость в libssh2
The vulnerability in the src/kex.c component of the SSH2 protocol implementation library Libssh2 involves reading data beyond the allowed buffer limits. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...
CLSA-2026-1779216196 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: fix integer overflow in userauthpassword CVE-2026-7598...
OESA-2026-2336 libssh2 security update
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10. Security Fixes: A security vulnerability has been detected in libssh2 up to 1.11.1. The...
CLSA-2026-1778745959 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...
libssh2: Fix of CVE-2026-7598
CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...
CLSA-2026-1778247114 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: fix integer overflow in userauthpassword CVE-2026-7598...
JLSEC-2026-492
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
CLSA-2026-1778159627 libssh2: Fix of 2 CVEs
CVE-2019-13115: add bounds-checked stringbuf helpers and use them in diffiehellmansha1 to prevent out-of-bounds read on malformed KEX reply - CVE-2019-17498: harden bounds checks in SSHMSGDISCONNECT, SSHMSGDEBUG and SSHMSGGLOBALREQUEST handlers to prevent integer overflow / out-of-bounds read...