3 matches found
CVE-2020-29652
CVE-2020-29652 : A nil pointer dereference in the golang.org/x/crypto/ssh component (affected through v0.0.0-20201203163018-be400aefbc4c for Go) can allow remote attackers to cause a denial of service against SSH servers. The Initial Description confirms this vulnerability, and connected IBM/IBM ...
CVE-2022-27191
CVE-2022-27191 affects the golang.org/x/crypto/ssh package. Exploitable impact described in connected advisories: an attacker could crash a server under certain AddHostKey conditions. The vulnerability is tied to the x/crypto/ssh code path, with older Go crypto/ssh releases prior to 0.0.0-2022031...
CVE-2021-43565
The CVE-2021-43565 vulnerability affects golang.org/x/crypto’s x/crypto/ssh: the package before 0.0.0-20211202192323-5770296d904e can cause an SSH server to panic. The issue is tied to the x/crypto/ssh component and is triggered by the cited pre-release version of the package. A patched version e...