CVE-2022-31124

opensshkeyparser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker...

GHSA-HM37-9XH2-Q499 Possible leak of key's raw field if declared length is incorrect

Impact If a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key's sensitive field can thus expose the raw value of that field. Patches Upgrade to version 0.0.6, which...

PYSEC-2022-233

opensshkeyparser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker...

CVE-2022-31124 Possible leak of key's raw field if declared length is incorrect in openssh_key_parser

opensshkeyparser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker...

openssh_key_parser 安全漏洞

opensshkeyparser is an open source python package. A security vulnerability exists in versions of opensshkeyparser prior to 0.0.6, which stems from the fact that if a key field is shorter than declared, the parser raises an error and displays a message containing the original field value...