2 matches found
Russh 安全漏洞
Russh is a Rust SSH client and server library developed by Eugene as a personal project. Versions of Russh from 0.34.0 to 0.61.1 contained security vulnerabilities. These vulnerabilities stemmed from the acceptance of overly large compressed data packets when SSH compression was enabled, which...
PT-2023-21572 · Russh · Russh
Name of the Vulnerable Software and Affected Versions: russh versions 0.34.0 through 0.36.1 russh versions 0.37.0 Description: The issue is related to insufficient Diffie-Hellman key validation, which can lead to insecure shared secrets and break confidentiality. This can result in eavesdropping,...