CVE-2021-43565
x/crypto/ssh vulnerable to panic via SSH server in go/golang.org/x/crypto/ssh
Identifiers
GHSA-gwc9-m7rh-j2ww, CVE-2021-43565
Package Slug
go/golang.org/x/crypto/ssh
Vulnerability
x/crypto/ssh vulnerable to panic via SSH server
Description
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
Affected Versions
All versions before 0.0.0-20211202192323-5770296d904e
Solution
Upgrade to version 0.0.0-20211202192323-5770296d904e or above.
Last Modified
2022-09-19
| source |