Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-3863

Опубликовано: 25 мар. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.8
CVSS3: 7.5

Описание

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needed
cosmic

ignored

end of life
devel

not-affected

1.8.0-2.1
disco

not-affected

1.8.0-2.1
eoan

not-affected

1.8.0-2.1
esm-apps/bionic

needed

esm-apps/focal

not-affected

1.8.0-2.1
esm-apps/jammy

not-affected

1.8.0-2.1
esm-apps/xenial

released

1.5.0-2ubuntu0.1+esm1
esm-infra-legacy/trusty

not-affected

1.4.3-2ubuntu0.2+esm2

Показывать по

Ссылки на источники

EPSS

Процентиль: 93%
0.09733
Низкий

6.8 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-3863

CVSS3: 7.5
redhat
больше 6 лет назад

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.

nvd логотип

CVE-2019-3863

CVSS3: 7.5
nvd
около 6 лет назад

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.

debian логотип

CVE-2019-3863

CVSS3: 7.5
debian
около 6 лет назад

A flaw was found in libssh2 before 1.8.1. A server could send a multip ...

github логотип

GHSA-h63q-2463-x5hq

CVSS3: 8.8
github
около 3 лет назад

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.

fstec логотип

BDU:2019-03795

CVSS3: 8.8
fstec
больше 6 лет назад

Уязвимость бибиотеки libssh2, связанная с записью за границами буфера в памяти, позволяющая нарушителю вызвать отказ в обслуживании, выполнить произвольный код или раскрыть защищаемую информацию

EPSS

Процентиль: 93%
0.09733
Низкий

6.8 Medium

CVSS2

7.5 High

CVSS3