9 matches found
CVE-2026-42189
Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...
CVE-2026-42189
Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...
CVE-2026-42189
Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...
CVE-2026-42189
CVE-2026-42189 affects the Russh Rust SSH library. A pre-authentication denial-of-service exists in the server keyboard-interactive authentication path: an attacker can trigger an OOM crash by sending a crafted USERAUTH_INFO_RESPONSE with a large n, causing the server to allocate memory for a mas...
CVE-2026-42189 Russh: Pre-auth DoS via unbounded allocation in keyboard-interactive auth
Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...
EUVD-2026-28822
Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication handler. A malicious client can crash any russh-based server that implements keyboard-interactive auth e.g., for...
PT-2026-37172
Name of the Vulnerable Software and Affected Versions Russh versions prior to 0.60.1 Description A pre-authentication denial-of-service issue exists in the server's keyboard-interactive authentication handler. A malicious client can crash any server based on this library that implements...
FuelVM is vulnerable to heap memory allocation re-use bug
Impact A memory safety vulnerability was present in the Fuel Virtual Machine FuelVM, where memory reads could bypass expected access controls. Specifically, when a smart contract performed a mload or other opcodes which access memory on memory that had been deallocated using ret, it was still abl...
UBUNTU-CVE-2017-1000456
freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations...