Описание
[Denial of Service via inefficient regular expression processing]
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.11.3-1ubuntu1 |
| esm-infra/bionic | released | 0.8.0~20170825.94fa1e38-1ubuntu0.7+esm6 |
| esm-infra/focal | released | 0.9.3-2ubuntu2.5+esm3 |
| esm-infra/xenial | released | 0.6.3-4.3ubuntu0.6+esm4 |
| jammy | released | 0.9.6-2ubuntu0.22.04.6 |
| noble | released | 0.10.6-2ubuntu0.3 |
| questing | released | 0.11.2-1ubuntu0.2 |
| upstream | released | 0.11.4 |
Показывать по
EPSS
Связанные уязвимости
A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.
A flaw was found in libssh. A remote attacker, by controlling client configuration files or known_hosts files, could craft specific hostnames that when processed by the `match_pattern()` function can lead to inefficient regular expression backtracking. This can cause timeouts and resource exhaustion, resulting in a Denial of Service (DoS) for the client.
EPSS