USN-7839-2: Google Guest Agent vulnerability

USN-7839-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding update in the Go Cryptography module included in Google Guest Agent. Original advisory details: Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectl...

EUVD-2007-0399

Malware in sbrugna...

USN-5526-2: PyJWT regression

USN-5526-1 fixed vulnerabilities in PyJWT. Unfortunately this caused a regression by incrementing the internal package version number on Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Aapo Oksman discovered that PyJWT incorrectly...

USN-5526-1: PyJWT vulnerability

Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature...

CVE-2018-3737

sshpk is vulnerable to ReDoS when parsing crafted invalid public keys...

CVE-2007-0397

The Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.3 and Adaptive Security Device Manager ASDM before 5.22.54 do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitiv...