Lucene search
AlmaLinuxALSA-2023:3839HistoryJun 27, 2023 - 12:00 a.m.
Moderate: libssh security update
2023-06-2700:00:00
errata.almalinux.org
16
libssh
security update
null pointer
authorization bypass
cve
ssh protocol
rekeying
algorithm guessing
pki_verify_data_signature
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
48.7%
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.
Security Fix(es):
- libssh: NULL pointer dereference during rekeying with algorithm guessing (CVE-2023-1667)
- libssh: authorization bypass in pki_verify_data_signature (CVE-2023-2283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| almalinux | 8 | noarch | libssh-config | < 0.9.6-10.el8_8 | libssh-config-0.9.6-10.el8_8.noarch.rpm |
| almalinux | 8 | i686 | libssh | < 0.9.6-10.el8_8 | libssh-0.9.6-10.el8_8.i686.rpm |
| almalinux | 8 | i686 | libssh-devel | < 0.9.6-10.el8_8 | libssh-devel-0.9.6-10.el8_8.i686.rpm |
| almalinux | 8 | x86_64 | libssh | < 0.9.6-10.el8_8 | libssh-0.9.6-10.el8_8.x86_64.rpm |
| almalinux | 8 | aarch64 | libssh | < 0.9.6-10.el8_8 | libssh-0.9.6-10.el8_8.aarch64.rpm |
| almalinux | 8 | x86_64 | libssh-devel | < 0.9.6-10.el8_8 | libssh-devel-0.9.6-10.el8_8.x86_64.rpm |
| almalinux | 8 | aarch64 | libssh-devel | < 0.9.6-10.el8_8 | libssh-devel-0.9.6-10.el8_8.aarch64.rpm |
| almalinux | 8 | ppc64le | libssh | < 0.9.6-10.el8_8 | libssh-0.9.6-10.el8_8.ppc64le.rpm |
| almalinux | 8 | ppc64le | libssh-devel | < 0.9.6-10.el8_8 | libssh-devel-0.9.6-10.el8_8.ppc64le.rpm |
| almalinux | 8 | s390x | libssh | < 0.9.6-10.el8_8 | libssh-0.9.6-10.el8_8.s390x.rpm |
Related
fedora
fedora
[SECURITY] Fedora 37 Update: libssh-0.10.5-1.fc37
2023-05-28 02:56:47
[SECURITY] Fedora 38 Update: libssh-0.10.5-1.fc38
2023-05-14 01:39:52
osv
osv
libssh - security update
2023-05-23 00:00:00
Moderate: libssh security update
2023-11-07 00:00:00
Moderate: libssh security update
2023-07-08 02:54:11
nessus
nessus
Oracle Linux 8 : libssh (ELSA-2023-3839)
2023-06-29 00:00:00
EulerOS Virtualization 2.10.1 : libssh (EulerOS-SA-2023-2542)
2023-08-02 00:00:00
Fedora 38 : libssh (2023-741d5f1fd3)
2023-05-14 00:00:00
redhat
redhat
(RHSA-2023:3839) Moderate: libssh security update
2023-06-27 13:35:53
(RHSA-2023:6643) Moderate: libssh security update
2023-11-07 06:10:49
(RHSA-2024:0538) Moderate: libssh security update
2024-01-29 08:02:58
openvas
openvas
Debian: Security Advisory (DSA-5409-1)
2023-05-25 00:00:00
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2561)
2023-08-03 00:00:00
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2358)
2023-07-17 00:00:00
slackware
slackware
[slackware-security] libssh
2023-05-04 19:11:18
rocky
rocky
libssh security update
2023-07-08 02:54:11
ibm
ibm
mageia
mageia
Updated libssh packages fix security vulnerability
2023-05-21 11:42:44
oraclelinux
oraclelinux
libssh security update
2023-06-29 00:00:00
libssh security update
2023-11-11 00:00:00
cloudfoundry
cloudfoundry
USN-6138-1: libssh vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
ubuntu
ubuntu
libssh vulnerabilities
2023-06-05 00:00:00
almalinux
almalinux
Moderate: libssh security update
2023-11-07 00:00:00
redos
redos
ROS-20240329-18
2024-03-29 00:00:00
debian
debian
[SECURITY] [DSA 5409-1] libssh security update
2023-05-23 11:50:46
[SECURITY] [DLA 3437-1] libssh security update
2023-05-29 22:01:33
rosalinux
rosalinux
Advisory ROSA-SA-2024-2333
2024-01-30 08:34:02
gentoo
gentoo
libssh: Multiple Vulnerabilities
2023-12-22 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0466
2023-09-07 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0089
2023-09-07 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0645
2023-09-07 00:00:00
nvd
nvd
CVE-2023-2283
2023-05-26 18:15:13
CVE-2023-1667
2023-05-26 18:15:10
redhatcve
redhatcve
CVE-2023-2283
2023-05-08 05:21:31
CVE-2023-1667
2023-05-08 04:52:00
ubuntucve
ubuntucve
CVE-2023-2283
2023-05-09 00:00:00
CVE-2023-1667
2023-05-09 00:00:00
debiancve
debiancve
CVE-2023-2283
2023-05-26 18:15:13
CVE-2023-1667
2023-05-26 18:15:10
cve
cve
CVE-2023-2283
2023-05-26 18:15:13
CVE-2023-1667
2023-05-26 18:15:10
prion
prion
Authentication flaw
2023-05-26 18:15:00
Null pointer dereference
2023-05-26 18:15:00
veracode
veracode
Authorization Bypass
2023-05-21 11:53:42
Denial Of Services (DoS)
2023-05-21 16:19:18
cvelist
cvelist
CVE-2023-2283
2023-05-26 00:00:00
CVE-2023-1667
2023-05-26 00:00:00
f5
f5
K000138682 : libssh vulnerability CVE-2023-2283
2024-02-24 00:00:00
hp
hp
HP ThinPro 8.0 SP 7 Security Updates
2024-01-26 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2024
2024-01-16 00:00:00
Oracle Critical Patch Update Advisory - October 2023
2023-10-17 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
48.7%
Related for ALSA-2023:3839