CVE Published: 20/03/2019 |
CVE Updated: 04/08/2024 |
CVE Year: 2019 Source: redhat |
Vendor: The libssh2 Project |
Product: libssh2 Status : PUBLISHED
CVE-2019-3862 Description
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.