Vulnerability: Out of Bounds Read Flaw in libssh2

Vulnerability: Out of Bounds Read Flaw in libssh2

CVE-2019-3860 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.

Learn more about our Cis Benchmark Audit For Server Software.