CVE-2019-3863 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in libssh2 before 1.8.1 where a server could send a multiple keyboard interactive response messages whose total length are greater... |
CVE-2019-3862 |
High |
Yes |
Information disclosure |
An issue has been found in libssh2 before 1.8.1 where a server could send a specially crafted SSH_MSG_CHANNEL_REQUEST packet with an exit status message and... |
CVE-2019-3861 |
High |
Yes |
Information disclosure |
An issue has been found in libssh2 before 1.8.1 where a server could send a specially crafted SSH packet with a padding length value greater than the packet... |
CVE-2019-3860 |
High |
Yes |
Information disclosure |
An issue has been found in libssh2 before 1.8.1 where a server could send a specially crafted partial SFTP packet with a empty payload in response to... |
CVE-2019-3859 |
High |
Yes |
Information disclosure |
An issue has been found in libssh2 before 1.8.1 where a server could send a specially crafted partial packet in response to various commands such as: sha1... |
CVE-2019-3858 |
High |
Yes |
Information disclosure |
An issue has been found in libssh2 before 1.8.1 where a server could send a specially crafted partial SFTP packet with a zero value for the payload length.... |
CVE-2019-3857 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in libssh2 before 1.8.1 where a server could send a SSH_MSG_CHANNEL_REQUEST packet with an exit signal message with a length of max... |
CVE-2019-3856 |
Critical |
Yes |
Arbitrary code execution |
An issue has been found in libssh2 before 1.8.1 where a server could send a value approaching unsigned int max number of keyboard prompt requests which... |
CVE-2019-3855 |
Critical |
Yes |
Arbitrary code execution |
A out-of-bounds write has been found in libssh2 before 1.8.1, where a malicious server could send a specially crafted packet which could result in an... |