Описание
Eugeny Tabby Sends Password Despite Host Key Verification Failure
An issue in Eugeny Tabby 1.0.213 allows a remote attacker to obtain sensitive information via the server and sends the SSH username and password even when the host key verification fails.
Пакеты
Наименование
tabby-ssh
npm
Затронутые версииВерсия исправления
< 1.0.214
1.0.214
Связанные уязвимости
CVSS3: 4.3
nvd
около 1 года назад
An issue in Eugeny Tabby 1.0.213 allows a remote attacker to obtain sensitive information via the server and sends the SSH username and password even when the host key verification fails.