RHSA-2019:1884

Affecting libssh2 package, versions <0:1.4.3-12.el7_6.3

Report new vulnerabilities
medium severity
Do your applications use this vulnerable package? Test your applications

Overview

The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es): * libssh2: Out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

CVE
RHSA-2019:1884
Snyk ID
SNYK-CENTOS7-LIBSSH2-455698
Published
29 Jul, 2019