libssh2.so is vulnerable to denial of service. A malicious server is able to crash the process by sending a malicious SFTP packet with zero value for the payload length, causing zero-byte allocation that results in an out-of-bounds read.

CPENameOperatorVersion
libssh2.sole1.0.1-1
libssh2eq1.4.3__12.el7
libssh2eq1.4.3__12.el7_6.3
libssh2eq1.4.3__12.el7_6.2
libssh2le1.4.3.3

Name	Operator	Version
libssh2.so	le	1.0.1-1
libssh2	eq	1.4.3__12.el7
libssh2	eq	1.4.3__12.el7_6.3
libssh2	eq	1.4.3__12.el7_6.2
libssh2	le	1.4.3.3

References

github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e

www.libssh2.org/CVE-2019-3858.html

ubuntucve 1

nvd 1

redhatcve 1

alpinelinux 1

prion 1

nessus 34

debiancve 1

osv 4

openvas 19

cve 1

cvelist 1

centos 1

ibm 5

redhat 1

amazon 1

photon 6

oraclelinux 2

debian 3

fedora 4

suse 4

archlinux 1

thn 1

mageia 1

altlinux 1

fortinet 1

slackware 1

freebsd 1

ubuntu 1

kitploit 1

oracle 2

ics 1

ubuntucve

CVE-2019-3858

2019-03-21 00:00:00

nvd

CVE-2019-3858

2019-03-21 21:29:00

redhatcve

CVE-2019-3858

2020-04-07 11:55:59

alpinelinux

CVE-2019-3858

2019-03-21 21:29:00

prion

Design/Logic Flaw

2019-03-21 21:29:00

nessus

EulerOS Virtualization for ARM 64 3.0.2.0 : libssh2 (EulerOS-SA-2021-1384)

2021-03-10 00:00:00

CentOS 7 : libssh2 (CESA-2019:2136)

2019-08-30 00:00:00

RHEL 7 : libssh2 (RHSA-2019:2136)

2019-08-12 00:00:00

debiancve

CVE-2019-3858

2019-03-21 21:29:00

osv

CVE-2019-3858

2019-03-21 21:29:00

libssh2 - security update

2019-03-26 00:00:00

libssh2 - security update

2019-04-13 00:00:00

openvas

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2021-1384)

2021-03-05 00:00:00

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1360)

2020-01-23 00:00:00

Mageia: Security Advisory (MGASA-2019-0139)

2022-01-28 00:00:00

cve

CVE-2019-3858

2019-03-21 21:29:00

cvelist

CVE-2019-3858

2019-03-21 20:22:47

centos

libssh2 security update

2019-08-30 03:29:04

ibm

Security Bulletin: Multiple security vulnerabilities were fixed in IBM Security Access Manager Appliance (CVE-2019-3861, CVE-019-3858)

2020-01-28 15:09:56

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by multiple vulnerabilities in libssh2

2020-06-04 15:26:02

Security Bulletin: Security vulnerabilities have been identified in BigFix Platform shipped with IBM License Metric Tool.

2019-11-28 08:40:05

redhat

(RHSA-2019:2136) Moderate: libssh2 security, bug fix, and enhancement update

2019-08-06 08:05:02

amazon

Medium: libssh2

2019-08-07 23:53:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0222

2019-04-03 00:00:00

Critical Photon OS Security Update - PHSA-2019-0222

2019-04-02 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0149

2019-04-05 00:00:00

oraclelinux

libssh2 security, bug fix, and enhancement update

2019-08-13 00:00:00

libssh2 security update

2020-10-06 00:00:00

debian

[SECURITY] [DSA 4431-1] libssh2 security update

2019-04-13 13:11:16

[SECURITY] [DSA 4431-1] libssh2 security update

2019-04-13 13:11:16

[SECURITY] [DLA 1730-1] libssh2 security update

2019-03-26 14:15:17

fedora

[SECURITY] Fedora 29 Update: libssh2-1.8.1-1.fc29

2019-03-23 02:58:27

[SECURITY] Fedora 28 Update: libssh2-1.8.1-1.fc28

2019-04-05 01:56:16

[SECURITY] Fedora 29 Update: libssh2-1.9.0-1.fc29

2019-08-04 02:40:41

suse

Security update for libssh2_org (moderate)

2019-03-28 00:00:00

Security update for libssh2_org (moderate)

2019-04-02 00:00:00

Security update for libssh2_org (moderate)

2020-12-01 00:00:00

archlinux

[ASA-201903-12] libssh2: multiple issues

2019-03-22 00:00:00

thn

Libssh Releases Update to Patch 9 New Security Vulnerabilities

2019-03-19 10:27:00

mageia

Updated libssh2 packages fix security vulnerability

2019-04-11 00:25:19

altlinux

Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt3.M80P.1

2019-04-24 00:00:00

fortinet

Protect

2019-11-14 00:00:00

slackware

[slackware-security] libssh2

2019-03-18 23:39:28

freebsd

libssh2 -- multiple issues

2019-03-14 00:00:00

ubuntu

libssh2 vulnerabilities

2022-03-07 00:00:00

kitploit

Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI

2019-11-05 12:00:00

oracle

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.015 Low

EPSS

Percentile

86.8%

JSON

Related for VERACODE:13473