Bugs fixes in "libssh"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2025-5318 | A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that | 2025-07-07 |
| CVE | CVE-2025-5372 | A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation | 2025-07-07 |
| CVE | CVE-2025-5351 | A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys i | 2025-07-07 |
| CVE | CVE-2025-5318 | A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that | 2025-07-07 |
| CVE | CVE-2023-6918 | A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The r | 2024-01-23 |
| CVE | CVE-2023-6004 | A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue | 2024-01-23 |
| CVE | CVE-2023-6918 | A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The r | 2024-01-22 |
| CVE | CVE-2023-6004 | A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue | 2024-01-22 |
| CVE | CVE-2023-6918 | A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The r | 2024-01-22 |
| CVE | CVE-2023-6004 | A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue | 2024-01-22 |
| CVE | CVE-2023-6918 | A flaw was found in the libssh implements abstract layer for message digest (MD) operations implemented by different supported crypto backends. The r | 2024-01-22 |
| CVE | CVE-2023-6004 | A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue | 2024-01-22 |
| CVE | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integri | 2023-12-19 |
| CVE | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integri | 2023-12-19 |
| CVE | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integri | 2023-12-19 |
| CVE | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integri | 2023-12-19 |
| CVE | CVE-2023-2283 | A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` functi | 2023-06-05 |
| CVE | CVE-2023-1667 | A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a deni | 2023-06-05 |
| CVE | CVE-2023-2283 | A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` functi | 2023-06-05 |
| CVE | CVE-2023-1667 | A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a deni | 2023-06-05 |
About
-
Send Feedback to @ubuntu_updates
