| CVE-2026-39827 |
medium |
6.5 |
6.5 |
|
|
|
13d ago |
An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users.… |
| CVE-2026-39828 |
medium |
6.3 |
6.3 |
|
|
|
13d ago |
When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as forc… |
| CVE-2023-48795 |
medium |
5.9 |
5.9 |
|
|
|
3y ago |
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from… |
| CVE-2019-11840 |
medium |
5.9 |
5.9 |
|
|
|
7y ago |
An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/… |
| CVE-2022-27191 |
medium |
— |
5.5 |
|
|
|
4y ago |
RHSA-2022:7469: container-tools:4.0 security and bug fix update (Moderate) |
| CVE-2020-29652 |
medium |
— |
5.5 |
|
|
|
4y ago |
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. |
| CVE-2026-46598 |
medium |
5.3 |
5.3 |
|
|
|
13d ago |
For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used. |
| CVE-2026-39835 |
medium |
5.3 |
5.3 |
|
|
|
13d ago |
SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an… |
