Vulnerabilities > CVE-2022-27191

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

golang

fedoraproject

redhat

NVD

Published: 2022-03-18

Updated: 2023-11-07

Summary

The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.

Vulnerable Configurations

Part	Description	Count
Application	Golang Golang SSH 0.0.0-20200622213623-75B288015Ac9 Golang SSH 0.0.0-20201203163018-Be400Aefbc4C Golang SSH 0.0.0-20201216223049-8B5274Cf687F Golang SSH 0.0.0-20201217014255-9D1352758620 Golang SSH 0.0.0-20201221181555-Eec23A3978Ad Golang SSH 0.0.0-20210421170649-83A5A9Bb288B Golang SSH 0.0.0-20210817164053-32Db794688A5	7
Application	Fedoraproject Fedoraproject Extra Packages FOR Enterprise Linux 8.0	1
Application	Redhat Redhat Advanced Cluster Management FOR Kubernetes 2.0	1
OS	Fedoraproject Fedoraproject Fedora 34 Fedoraproject Fedora 35 Fedoraproject Fedora 36	3
OS	Redhat Redhat Enterprise Linux 7.0 Redhat Enterprise Linux 8.0	2

Vulnerabilities > CVE-2022-27191 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2022-27191"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2022-27191