Описание
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 0.11.2-1 |
| esm-infra/bionic | released | 0.8.0~20170825.94fa1e38-1ubuntu0.7+esm4 |
| esm-infra/focal | released | 0.9.3-2ubuntu2.5+esm1 |
| esm-infra/xenial | released | 0.6.3-4.3ubuntu0.6+esm2 |
| jammy | released | 0.9.6-2ubuntu0.22.04.4 |
| noble | released | 0.10.6-2ubuntu0.1 |
| oracular | released | 0.10.6-3ubuntu1.1 |
| plucky | released | 0.11.1-1ubuntu0.1 |
| upstream | released | 0.11.2 |
Показывать по
EPSS
3.6 Low
CVSS3
Связанные уязвимости
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.
A vulnerability was found in libssh, where an uninitialized variable e ...
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.
Уязвимость функции privatekey_from_file() библиотеки libssh, позволяющая нарушителю раскрыть защищаемую информацию или вызвать отказ в обслуживании
EPSS
3.6 Low
CVSS3