Debian: Security Advisory (DLA-611-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (python-paramiko) security update

An update for python-paramiko is now available for Red Hat OpenStack Platform 16.1.9 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-paramiko) security update

An update for python-paramiko is now available for Red Hat OpenStack Platform 16.2.4 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

USN-5351-2: Paramiko vulnerability

USN-5351-1 fixed a vulnerability in Paramiko. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain...

USN-5351-1: Paramiko vulnerability

Jan Schejbal discovered that Paramiko incorrectly handled permissions when writing private key files. A local attacker could possibly use this issue to gain access to private keys...

Fedora: Security Advisory for python-paramiko (FEDORA-2022-806492f1d1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for python-paramiko (FEDORA-2022-8eb95d8611)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: python-paramiko-2.10.3-1.fc34

Paramiko a combination of the Esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for secu re encrypted and authenticated connections to remote machines. Unlike SSL aka TLS, the SSH2 protocol does not require hierarchical certificate...

[SECURITY] Fedora 35 Update: python-paramiko-2.10.3-1.fc35

Paramiko a combination of the Esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for secu re encrypted and authenticated connections to remote machines. Unlike SSL aka TLS, the SSH2 protocol does not require hierarchical certificate...

Fedora: Security Advisory for python-paramiko (FEDORA-2022-bb5c461682)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: python-paramiko-2.10.3-1.fc36

Paramiko a combination of the Esperanto words for "paranoid" and "friend" is a module for python 2.3 or greater that implements the SSH2 protocol for secu re encrypted and authenticated connections to remote machines. Unlike SSL aka TLS, the SSH2 protocol does not require hierarchical certificate...

USN-5308-1: libssh2 vulnerabilities

It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote, unauthenticated attacker could possibly execute arbitrary code on the client system. CVE-2019-3855 It was discovered that libssh2 incorrectly handled prompt...

[SECURITY] [DLA 2848-1] libssh2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2848-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky December 17, 2021 https://wiki.debian.org/LTS -...

CVE-2020-26301

A flaw was found in nodejs-ssh2. An OS command injection attack on Windows allows an attacker to perform remote code execution and potentially execute arbitrary code. The highest threat from this vulnerability is to confidentiality and integrity...

GHSA-652H-XWHF-Q4H6 OS Command Injection in ssh2

ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted...

OS Command Injection in ssh2

ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted...

12g (>=0.0.21 <=1.0.1), 1ib (>=1.0.9 <=1.0.11) +7310 more potentially affected by CVE-2020-26301 via ssh2 (>=0.0.2 <=1.3.0)

ssh2 NPM version =0.0.2, =0.0.21, =1.0.9, =0.0.1, =1.1.0, =1.0.26, =0.107.10, =1.19.19, =0.107.0, =0.107.0, =0.107.0, =0.69.0, =0.107.0, =0.97.1, =0.107.0, =0.123.2 and more Source cves: CVE-2020-26301 Source advisory: OSV:GHSA-652H-XWHF-Q4H6...

CVE-2020-26301

ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted...

CVE-2020-26301

ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted...

Command injection

ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted...