The vulnerability in the transport.py component of the SSHv2 protocol library for Python Paramiko allows a attacker to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the transport.py component in the SSHv2 protocol library for Python Paramiko is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service...

libssh: bits/bytes confusion resulting in truncated Difffie-Hellman secret length

A type confusion issue was found in the way libssh generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters...