CVE-2020-22218

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions libssh2 version 1.10.0

Description An issue was discovered in the libssh2 packet add function that allows attackers to access out of bounds memory, potentially leading to a denial of service. This issue is related to a buffer overflow in the libssh2 library, which implements the SSH2 protocol.

Recommendations For libssh2 version 1.10.0, consider updating to a newer version that addresses this issue, as accessing out of bounds memory can lead to service disruption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

AZL-28594

BDU:2023-07619

CESA-2023_5615

CVE-2020-22218

DLA-3559-1

OPENSUSE-SU-2023_3555-1

RHSA-2023:5615

RHSA-2023_5615

ROSA-SA-2023-2278

SUSE-SU-2023:3555-1

SUSE-SU-2023:3738-1

SUSE-SU-2023_3555-1

SUSE-SU-2023_3738-1

USN-6371-1

Affected Products

Astra Linux

Centos

Linuxmint

Red Hat

Suse

Ubuntu

Libssh2

CVE-2020-22218

Weakness Enumeration

Related Identifiers

Affected Products

References · 28