Known Vulnerabilities for products from Libssh2
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Libssh2".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-48795 json | 5.9 - MEDIUM | 2023-12-18 | 2024-03-13 | |
| CVE-2023-6918 json | 5.3 - MEDIUM | 2023-12-19 | 2024-01-04 | |
| CVE-2020-22218 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-08-22 | 2023-10-06 |
| CVE-2019-17498 json | In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, e... | 8.1 - HIGH | 2019-10-21 | 2023-11-07 |
| CVE-2019-13115 json | In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that c... | 8.1 - HIGH | 2019-07-16 | 2023-11-07 |
| CVE-2019-3863 json | A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total l... | 8.8 - HIGH | 2019-03-25 | 2023-11-07 |
| CVE-2019-3862 json | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit sta... | 9.1 - CRITICAL | 2019-03-21 | 2023-11-07 |
| CVE-2019-3861 json | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater ... | 9.1 - CRITICAL | 2019-03-25 | 2023-11-07 |
| CVE-2019-3860 json | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A r... | 9.1 - CRITICAL | 2019-03-25 | 2023-11-07 |
| CVE-2019-3859 json | An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev... | 9.1 - CRITICAL | 2019-03-21 | 2023-11-07 |
| CVE-2019-3858 json | An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the s... | 9.1 - CRITICAL | 2019-03-21 | 2023-11-07 |
| CVE-2019-3857 json | An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG... | 8.8 - HIGH | 2019-03-25 | 2023-11-07 |
| CVE-2019-3856 json | An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keybo... | 8.8 - HIGH | 2019-03-25 | 2023-11-07 |
| CVE-2019-3855 json | An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets... | 8.8 - HIGH | 2019-03-21 | 2023-11-07 |
| CVE-2016-0787 json | The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which ma... | 5.9 - MEDIUM | 2016-04-13 | 2018-10-30 |
| CVE-2015-1782 json | The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have oth... | 6.8 - MEDIUM | 2015-03-13 | 2023-02-13 |
Known software with vulnerabilities from Libssh2
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Libssh2 | Libssh2 | 0.1 |