UbuntuUpdates.org

Bugs fixes in "libssh"

Origin Bug number Title Date fixed
CVE CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation 2025-07-07
CVE CVE-2025-5318 A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that 2025-07-07
CVE CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation 2025-07-07
CVE CVE-2025-5318 A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that 2025-07-07
CVE CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation 2025-07-07
CVE CVE-2025-5351 A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys i 2025-07-07
CVE CVE-2025-5318 A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that 2025-07-07
CVE CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation 2025-07-07
CVE CVE-2025-5351 A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys i 2025-07-07
CVE CVE-2025-5318 A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that 2025-07-07
CVE CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation 2025-07-07
CVE CVE-2025-5351 A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys i 2025-07-07
CVE CVE-2025-5318 A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that 2025-07-07
CVE CVE-2025-5372 A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation 2025-07-07
CVE CVE-2025-5351 A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys i 2025-07-07
CVE CVE-2025-5318 A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that 2025-07-07
CVE CVE-2023-6918 A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The r 2024-01-23
CVE CVE-2023-6004 A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue 2024-01-23
CVE CVE-2023-6918 A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The r 2024-01-22
CVE CVE-2023-6004 A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue 2024-01-22



About   -   Send Feedback to @ubuntu_updates