CVE-2020-22218

Опубликовано: 22 авг. 2023

Источник: redhat

CVSS3: 7.5

EPSS Низкий

Описание

An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.

A flaw was found in the libssh2 library. An out-of-bounds access issue can occur due to an improper initialization of a variable, resulting in a crash in the application linked to the library.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libssh2	Out of support scope
Red Hat Enterprise Linux 7	libssh2	Fixed	RHSA-2023:5615	10.10.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=2235542libssh2: use-of-uninitialized-value in _libssh2_transport_read

EPSS

Процентиль: 25%

0.00084

Низкий

7.5 High

CVSS3

Связанные уязвимости

CVE-2020-22218

CVSS3: 7.5

ubuntu

около 2 лет назад

An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.

CVE-2020-22218

CVSS3: 7.5

nvd

около 2 лет назад

An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.

CVE-2020-22218

CVSS3: 7.5

msrc

около 2 лет назад

Описание отсутствует

CVE-2020-22218

CVSS3: 7.5

debian

около 2 лет назад

An issue was discovered in function _libssh2_packet_add in libssh2 1.1 ...

SUSE-SU-2023:3738-1

suse-cvrf

почти 2 года назад

Security update for libssh2_org

EPSS

Процентиль: 25%

0.00084

Низкий

7.5 High

CVSS3