CVE-2019-3858

Summary

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Affected Software

VendorProductVersion RangeStatus
The libssh2 Projectlibssh21.8.1affected

Weaknesses

  • CWE-125: CWE-125

ADP Enrichment

CVE Program Container

Additional References

References