libssh

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Library for accessing ssh client services through C libraries
Version 0.11.1-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2324 0.9.5-1 0.9.6-1 Medium Fixed
AVG-1130 0.9.3-1 0.9.4-1 Medium Fixed
AVG-780 0.8.3-1 0.8.4-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2021-3634 AVG-2324 Medium Yes Arbitrary code execution
A security issue has been found in libssh before version 0.9.6. An attacker can request a rekey with a key exchange algorithm with a digest of a different...
CVE-2020-1730 AVG-1130 Medium Yes Denial of service
A malicious client or server could crash the counterpart implemented with libssh before 0.9.4. When AES-CTR ciphers are used and don't get fully...
CVE-2018-10933 AVG-780 Critical Yes Authentication bypass
An authentication bypass vulnerability has been discovered in libssh versions prior to 0.7.6 and 0.8.4, in the server-side state machine. By presenting the...

Advisories

Date Advisory Group Severity Type
09 Apr 2020 ASA-202004-11 AVG-1130 Medium denial of service
17 Oct 2018 ASA-201810-10 AVG-780 Critical authentication bypass