Known Vulnerabilities for products from Libssh2
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Libssh2".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2020-22218 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-08-22 | 2023-10-06 |
| CVE-2019-17498 | In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, e... | 8.1 - HIGH | 2019-10-21 | 2023-11-07 |
| CVE-2019-13115 | In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that c... | 8.1 - HIGH | 2019-07-16 | 2023-11-07 |
| CVE-2019-3863 | A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total l... | 8.8 - HIGH | 2019-03-25 | 2023-11-07 |
| CVE-2019-3862 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit sta... | 9.1 - CRITICAL | 2019-03-21 | 2023-11-07 |
| CVE-2019-3861 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater ... | 9.1 - CRITICAL | 2019-03-25 | 2023-11-07 |
| CVE-2019-3860 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A r... | 9.1 - CRITICAL | 2019-03-25 | 2023-11-07 |
| CVE-2019-3859 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev... | 9.1 - CRITICAL | 2019-03-21 | 2023-11-07 |
| CVE-2019-3858 | An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the s... | 9.1 - CRITICAL | 2019-03-21 | 2023-11-07 |
| CVE-2019-3857 | An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG... | 8.8 - HIGH | 2019-03-25 | 2023-11-07 |
| CVE-2019-3856 | An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keybo... | 8.8 - HIGH | 2019-03-25 | 2023-11-07 |
| CVE-2019-3855 | An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets... | 8.8 - HIGH | 2019-03-21 | 2023-11-07 |
| CVE-2016-0787 | The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which ma... | 5.9 - MEDIUM | 2016-04-13 | 2018-10-30 |
| CVE-2015-1782 | The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have oth... | 6.8 - MEDIUM | 2015-03-13 | 2023-02-13 |
Known software with vulnerabilities from Libssh2
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Libssh2 | Libssh2 | 0.1 |