CVE-2023-48795
- EPSS 64.06%
- Veröffentlicht 18.12.2023 16:15:10
- Zuletzt bearbeitet 29.09.2025 21:56:10
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client a...
CVE-2023-35887
- EPSS 0.1%
- Veröffentlicht 10.07.2023 16:15:53
- Zuletzt bearbeitet 21.11.2024 08:08:55
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not...
CVE-2022-45047
- EPSS 4%
- Veröffentlicht 16.11.2022 09:15:14
- Zuletzt bearbeitet 21.11.2024 07:28:40
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache...
CVE-2021-30129
- EPSS 0.23%
- Veröffentlicht 12.07.2021 12:15:07
- Zuletzt bearbeitet 21.11.2024 06:03:21
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed i...