libssh2.so is vulnerable to denial of service. A malicious server is able to crash the process from an out-of-bounds memory comparison by sending a malicious SSH_MSG_CHANNEL_REQUEST
packet with an exit status message and no payload.
CPE | Name | Operator | Version |
---|---|---|---|
libssh2.so | le | 1.0.1-1.9.0-5.epel8.playground.x86_64.debug | |
libssh2 | le | 1.4.3.3 |