CVE-2023-48795
- EPSS 64.06%
- Published 18.12.2023 16:15:10
- Last modified 29.09.2025 21:56:10
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client a...
CVE-2023-35887
- EPSS 0.1%
- Published 10.07.2023 16:15:53
- Last modified 21.11.2024 08:08:55
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not...
CVE-2022-45047
- EPSS 4%
- Published 16.11.2022 09:15:14
- Last modified 21.11.2024 07:28:40
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache...
CVE-2021-30129
- EPSS 0.23%
- Published 12.07.2021 12:15:07
- Last modified 21.11.2024 06:03:21
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed i...