Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2019-17498 - log back

CVE-2019-17498 edited at 16 Mar 2021 08:21:39

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Information disclosure

Description

+	An out-of-bounds read has been found in libssh2 <= 1.9.0, when libssh2 is used to connect to a malicious server, leading to denial of service or information disclosure.

References

+	https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/
+	https://github.com/libssh2/libssh2/pull/402/commits/1c6fa92b77e34d089493fe6d3e2c6c8775858b94

Notes

CVE-2019-17498 created at 16 Mar 2021 08:19:50