Vulnerabilities > Libssh2 > Critical

DATE CVE VULNERABILITY TITLE RISK
2019-03-25 CVE-2019-3861 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed.
network
low complexity
libssh2 debian netapp opensuse CWE-125
critical
9.1
2019-03-25 CVE-2019-3860 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed.
network
low complexity
libssh2 debian netapp opensuse CWE-125
critical
9.1
2019-03-21 CVE-2019-3858 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
9.1
2019-03-21 CVE-2019-3862 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
9.1
2019-03-21 CVE-2019-3859 Out-of-bounds Read vulnerability in multiple products
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions.
network
low complexity
libssh2 fedoraproject debian netapp opensuse CWE-125
critical
9.1