Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2026/01/09 8:42 a.m.8 views

CVE-2022-31124

opensshkeyparser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker...

7.7CVSS6.4AI score0.01239EPSS
Exploits1References1
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-1961

Malware in sbrugna...

4CVSS6.4AI score0.01094EPSS
Exploits0References6
osv
osv
added 2022/07/06 7:24 p.m.65 views

GHSA-HM37-9XH2-Q499 Possible leak of key's raw field if declared length is incorrect

Impact If a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key's sensitive field can thus expose the raw value of that field. Patches Upgrade to version 0.0.6, which...

7.7CVSS6.7AI score0.01239EPSS
Exploits1References8
github
github
added 2022/07/06 7:24 p.m.28 views

Possible leak of key's raw field if declared length is incorrect

Impact If a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker able to modify the declared length of a key's sensitive field can thus expose the raw value of that field. Patches Upgrade to version 0.0.6, which...

7.7CVSS6.2AI score0.01239EPSS
Exploits1References8Affected Software1
cvelist
cvelist
added 2022/07/06 5:30 p.m.37 views

CVE-2022-31124 Possible leak of key's raw field if declared length is incorrect in openssh_key_parser

opensshkeyparser is an open source Python package providing utilities to parse and pack OpenSSH private and public key files. In versions prior to 0.0.6 if a field of a key is shorter than it is declared to be, the parser raises an error with a message containing the raw field value. An attacker...

7.7CVSS7.7AI score0.01239EPSS
Exploits1References5
nvd
nvd
added 2014/06/09 7:55 p.m.18 views

CVE-2013-1973

The autocomplete callback in Autocomplete Widgets for Text and Number Fields autocompletewidgets module 6.x-1.x before 6.x-1.4 and 7.x-1.x before 7.x-1.0-rc1 does not properly handle node permissions, which allows remote authenticated users to obtain sensitive field values via unspecified vectors...

4CVSS6.1AI score0.01094EPSS
Exploits0References5
Rows per page
Query Builder