libssh2.so is vulnerable to denial of service. A malicious server is able to crash the process by sending malicious SSH packet with a padding length value greater than the packet length, which would result in an out-of-bounds read when the packet is decompressed.

CPENameOperatorVersion
libssh2.soeq1.0.1
libssh2eq1.4.3__12.el7
libssh2eq1.4.3__12.el7_6.3
libssh2eq1.4.3__12.el7_6.2
libssh2le1.4.3.3

Name	Operator	Version
libssh2.so	eq	1.0.1
libssh2	eq	1.4.3__12.el7
libssh2	eq	1.4.3__12.el7_6.3
libssh2	eq	1.4.3__12.el7_6.2
libssh2	le	1.4.3.3

References

github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e

www.libssh2.org/CVE-2019-3861.html

cvelist 1

cve 1

nvd 1

debiancve 1

prion 1

ubuntucve 1

alpinelinux 1

osv 4

redhatcve 1

amazon 1

nessus 33

centos 1

ibm 6

redhat 1

openvas 18

photon 6

oraclelinux 2

debian 3

suse 4

fedora 4

fortinet 1

slackware 1

freebsd 1

archlinux 1

mageia 1

thn 1

altlinux 1

ubuntu 1

kitploit 1

oracle 2

ics 1

cvelist

CVE-2019-3861

2019-03-25 18:30:43

cve

CVE-2019-3861

2019-03-25 19:29:01

nvd

CVE-2019-3861

2019-03-25 19:29:01

debiancve

CVE-2019-3861

2019-03-25 19:29:01

prion

Design/Logic Flaw

2019-03-25 19:29:00

ubuntucve

CVE-2019-3861

2019-03-25 00:00:00

alpinelinux

CVE-2019-3861

2019-03-25 19:29:01

osv

CVE-2019-3861

2019-03-25 19:29:01

libssh2 - security update

2019-03-26 00:00:00

libssh2 - security update

2019-04-13 00:00:00

redhatcve

CVE-2019-3861

2020-01-04 15:44:57

amazon

Medium: libssh2

2019-08-07 23:53:00

nessus

RHEL 7 : libssh2 (RHSA-2019:2136)

2019-08-12 00:00:00

NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0252)

2019-12-31 00:00:00

Amazon Linux 2 : libssh2 (ALAS-2019-1263)

2019-08-12 00:00:00

centos

libssh2 security update

2019-08-30 03:29:04

ibm

Security Bulletin: Multiple security vulnerabilities were fixed in IBM Security Access Manager Appliance (CVE-2019-3861, CVE-019-3858)

2020-01-28 15:09:56

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in libssh2

2023-12-07 22:45:07

Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by multiple vulnerabilities in libssh2

2020-06-04 15:26:02

redhat

(RHSA-2019:2136) Moderate: libssh2 security, bug fix, and enhancement update

2019-08-06 08:05:02

openvas

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1360)

2020-01-23 00:00:00

SUSE: Security Advisory (SUSE-SU-2019:13982-1)

2021-06-09 00:00:00

Debian: Security Advisory (DSA-4431-1)

2019-04-14 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0222

2019-04-03 00:00:00

Critical Photon OS Security Update - PHSA-2019-0222

2019-04-02 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0149

2019-04-05 00:00:00

oraclelinux

libssh2 security, bug fix, and enhancement update

2019-08-13 00:00:00

libssh2 security update

2020-10-06 00:00:00

debian

[SECURITY] [DLA 1730-1] libssh2 security update

2019-03-26 14:15:17

[SECURITY] [DSA 4431-1] libssh2 security update

2019-04-13 13:11:16

[SECURITY] [DSA 4431-1] libssh2 security update

2019-04-13 13:11:16

suse

Security update for libssh2_org (moderate)

2019-03-28 00:00:00

Security update for libssh2_org (moderate)

2019-04-02 00:00:00

Security update for libssh2_org (moderate)

2020-12-01 00:00:00

fedora

[SECURITY] Fedora 29 Update: libssh2-1.8.1-1.fc29

2019-03-23 02:58:27

[SECURITY] Fedora 30 Update: libssh2-1.8.2-1.fc30

2019-04-05 00:02:26

[SECURITY] Fedora 28 Update: libssh2-1.8.1-1.fc28

2019-04-05 01:56:16

fortinet

Protect

2019-11-14 00:00:00

slackware

[slackware-security] libssh2

2019-03-18 23:39:28

freebsd

libssh2 -- multiple issues

2019-03-14 00:00:00

archlinux

[ASA-201903-12] libssh2: multiple issues

2019-03-22 00:00:00

mageia

Updated libssh2 packages fix security vulnerability

2019-04-11 00:25:19

thn

Libssh Releases Update to Patch 9 New Security Vulnerabilities

2019-03-19 10:27:00

altlinux

Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt3.M80P.1

2019-04-24 00:00:00

ubuntu

libssh2 vulnerabilities

2022-03-07 00:00:00

kitploit

Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI

2019-11-05 12:00:00

oracle

Oracle Critical Patch Update Advisory - October 2019

2020-01-22 00:00:00

Oracle Critical Patch Update Advisory - October 2022

2022-10-18 00:00:00

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.033 Low

EPSS

Percentile

91.4%

JSON

Related for VERACODE:13476