2 matches found
CVE-2022-27191
CVE-2022-27191 affects the golang.org/x/crypto/ssh package. Exploitable impact described in connected advisories: an attacker could crash a server under certain AddHostKey conditions. The vulnerability is tied to the x/crypto/ssh code path, with older Go crypto/ssh releases prior to 0.0.0-2022031...
CVE-2021-43565
The CVE-2021-43565 vulnerability affects golang.org/x/crypto’s x/crypto/ssh: the package before 0.0.0-20211202192323-5770296d904e can cause an SSH server to panic. The issue is tied to the x/crypto/ssh component and is triggered by the cited pre-release version of the package. A patched version e...