Golang Ssh vulnerabilities
3 known vulnerabilities affecting golang/ssh.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3
Vulnerabilities
Page 1 of 1
CVE-2021-43565HIGHCVSS 7.5fixed in 0.0.0-20211202192323-5770296d904e2022-09-06
CVE-2021-43565 [HIGH] CVE-2021-43565: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an a
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
nvd
CVE-2022-27191HIGHCVSS 7.5fixed in 0.0.0-20220314234659-1baeb1ce4c0b2022-03-18
CVE-2022-27191 [HIGH] CVE-2022-27191: The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attack
The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
nvd
CVE-2020-29652HIGHCVSS 7.5≤ 0.0.0-20201203163018-be400aefbc4c2020-12-17
CVE-2020-29652 [HIGH] CWE-476 CVE-2020-29652: A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be4
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
nvd