[SECURITY] Fedora 44 Update: libssh2-1.11.1-6.fc44

libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...

CVE-2026-7598

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...

[SECURITY] Fedora 41 Update: libssh2-1.11.1-1.fc41

libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...

CLSA-2023-1695835334 Fix CVE(s): CVE-2020-22218

SECURITY UPDATE: An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory. - debian/patches/CVE-2020-22218.patch: doing totalnum zero length check. - CVE-2020-22218...

The vulnerability of the SSH_MSG_CHANNEL_REQUEST command in the libssh2 library allows a hacker to execute arbitrary code.

The vulnerability of the SSHMSGCHANNELREQUEST command in the libssh2 library is related to writing data beyond the buffer boundaries. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by connecting to an SSH server...

The vulnerability of the libssh2 library, related to reading data beyond the buffer limit, allows an attacker to cause a service failure or gain unauthorized access to protected information.

The vulnerability of the libssh2 library lies in the reading of data beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures or gain unauthorized access to protected information by connecting to an SSH server...

The vulnerability of the libssh2 library, related to errors in handling parameter length mismatches, allows attackers to trigger service failures or gain unauthorized access to protected information.

The vulnerability of the libssh2 library is related to errors in handling mismatches in parameter length. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service failures or gain unauthorized access to protected information by connecting to an SSH server...

DEBIAN-CVE-2019-17498

In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a...

Vulnerability of the _libssh2_transport_read function in the libssh2 library, which allows a hacker to execute arbitrary code

The vulnerability of the libssh2transportread function in the libssh2 library is related to integer overflow during packet reading from the server. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using the compromised SSH server...

[SECURITY] Fedora 29 Update: libssh2-1.9.0-1.fc29

libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...

The vulnerability of the libssh2 library, caused by a numerical overflow, allows an attacker to execute arbitrary code.

The vulnerability of the libssh2 library arises due to a numerical overflow condition. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary code on the client system at the moment the user connects to the server...