Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-202312-05
HistoryDec 22, 2023 - 12:00 a.m.

libssh: Multiple Vulnerabilities

2023-12-2200:00:00
Gentoo Foundation
security.gentoo.org
11
libssh
vulnerabilities
upgrade
net-libs/libssh-0.10.5
sshv2

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON

Background

libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side.

Description

Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details.

Impact

Please review the referenced CVE identifiers for details.

Workaround

There is no known workaround at this time.

Resolution

All libssh users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=net-libs/libssh-0.10.5"
OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-libs/libssh< 0.10.5UNKNOWN

Related

nessus 53
rosalinux 1
osv 13
redhat 32
openvas 32
fedora 5
slackware 1
rocky 2
ibm 12
mageia 2
oraclelinux 3
cloudfoundry 1
ubuntu 2
debian 3
almalinux 3
redos 1
alpinelinux 1
cve 3
veracode 3
freebsd 1
altlinux 1
cvelist 3
redhatcve 3
prion 3
debiancve 3
cnvd 1
cbl_mariner 1
nvd 3
ubuntucve 3
photon 3
f5 1
nessus
nessus
GLSA-202312-05 : libssh: Multiple Vulnerabilities
2023-12-22 00:00:00
Oracle Linux 8 : libssh (ELSA-2023-3839)
2023-06-29 00:00:00
EulerOS Virtualization 2.10.1 : libssh (EulerOS-SA-2023-2542)
2023-08-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2333
2024-01-30 08:34:02
osv
osv
libssh - security update
2023-05-23 00:00:00
Moderate: libssh security update
2023-11-07 00:00:00
Moderate: libssh security update
2023-07-08 02:54:11
redhat
redhat
(RHSA-2023:3839) Moderate: libssh security update
2023-06-27 13:35:53
(RHSA-2023:6643) Moderate: libssh security update
2023-11-07 06:10:49
(RHSA-2024:0538) Moderate: libssh security update
2024-01-29 08:02:58
openvas
openvas
Debian: Security Advisory (DSA-5409-1)
2023-05-25 00:00:00
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2561)
2023-08-03 00:00:00
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2358)
2023-07-17 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: libssh-0.10.5-1.fc37
2023-05-28 02:56:47
[SECURITY] Fedora 38 Update: libssh-0.10.5-1.fc38
2023-05-14 01:39:52
[SECURITY] Fedora 34 Update: libssh-0.9.6-1.fc34
2021-09-29 01:10:26
slackware
slackware
[slackware-security] libssh
2023-05-04 19:11:18
rocky
rocky
libssh security update
2023-07-08 02:54:11
libssh security, bug fix, and enhancement update
2022-05-10 08:14:06
ibm
ibm
Security Bulletin: Vulnerabilities in libssh library (CVE-2023-1667, CVE-2023-2283 ) affect Power HMC
2024-04-16 16:54:11
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service and security restriction bypass due to [CVE-2023-2283], [CVE-2023-1667]
2023-07-27 15:40:30
Security Bulletin: Vulnerabilities in Linux components affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
2024-06-19 17:53:41
mageia
mageia
Updated libssh packages fix security vulnerability
2023-05-21 11:42:44
Updated libssh packages fix security vulnerability
2021-09-23 07:49:29
oraclelinux
oraclelinux
libssh security update
2023-06-29 00:00:00
libssh security update
2023-11-11 00:00:00
libssh security, bug fix, and enhancement update
2022-05-17 00:00:00
cloudfoundry
cloudfoundry
USN-6138-1: libssh vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
ubuntu
ubuntu
libssh vulnerabilities
2023-06-05 00:00:00
libssh vulnerability
2021-08-26 00:00:00
debian
debian
[SECURITY] [DSA 5409-1] libssh security update
2023-05-23 11:50:46
[SECURITY] [DSA 4965-1] libssh security update
2021-08-31 14:43:51
[SECURITY] [DLA 3437-1] libssh security update
2023-05-29 22:01:33
almalinux
almalinux
Moderate: libssh security update
2023-06-27 00:00:00
Moderate: libssh security update
2023-11-07 00:00:00
Low: libssh security, bug fix, and enhancement update
2022-05-10 08:14:06
redos
redos
ROS-20240329-18
2024-03-29 00:00:00
alpinelinux
alpinelinux
CVE-2021-3634
2021-08-31 17:15:08
cve
cve
CVE-2021-3634
2021-08-31 17:15:08
CVE-2023-2283
2023-05-26 18:15:13
CVE-2023-1667
2023-05-26 18:15:10
veracode
veracode
Denial Of Service
2021-08-27 21:15:50
Authorization Bypass
2023-05-21 11:53:42
Denial Of Services (DoS)
2023-05-21 16:19:18
freebsd
freebsd
libssh -- possible heap-buffer overflow vulnerability
2021-08-26 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package libssh version 0.9.6-alt1
2021-09-17 00:00:00
cvelist
cvelist
CVE-2021-3634
2021-08-31 00:00:00
CVE-2023-2283
2023-05-26 00:00:00
CVE-2023-1667
2023-05-26 00:00:00
redhatcve
redhatcve
CVE-2021-3634
2021-08-26 13:32:43
CVE-2023-2283
2023-05-08 05:21:31
CVE-2023-1667
2023-05-08 04:52:00
prion
prion
Design/Logic Flaw
2021-08-31 17:15:00
Authentication flaw
2023-05-26 18:15:00
Null pointer dereference
2023-05-26 18:15:00
debiancve
debiancve
CVE-2021-3634
2021-08-31 17:15:08
CVE-2023-2283
2023-05-26 18:15:13
CVE-2023-1667
2023-05-26 18:15:10
cnvd
cnvd
libssh buffer overflow vulnerability (CNVD-2021-71262)
2021-09-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-3634 affecting package libssh 0.9.5-2
2024-07-01 15:26:50
nvd
nvd
CVE-2021-3634
2021-08-31 17:15:08
CVE-2023-2283
2023-05-26 18:15:13
CVE-2023-1667
2023-05-26 18:15:10
ubuntucve
ubuntucve
CVE-2021-3634
2021-08-26 00:00:00
CVE-2023-2283
2023-05-09 00:00:00
CVE-2023-1667
2023-05-09 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0466
2023-09-07 00:00:00
Critical Photon OS Security Update - PHSA-2023-5.0-0089
2023-09-07 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0645
2023-09-07 00:00:00
f5
f5
K000138682 : libssh vulnerability CVE-2023-2283
2024-02-24 00:00:00

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

7.7 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.7%

JSON
Related for GLSA-202312-05
nessus53rosalinux1osv13redhat32openvas32fedora5slackware1rocky2ibm12mageia2oraclelinux3cloudfoundry1ubuntu2debian3almalinux3redos1alpinelinux1cve3veracode3freebsd1altlinux1cvelist3redhatcve3prion3debiancve3cnvd1cbl_mariner1nvd3ubuntucve3photon3f51