GHSA-gwc9-m7rh-j2ww, CVE-2021-43565
go/golang.org/x/crypto/ssh
x/crypto/ssh vulnerable to panic via SSH server
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.
All versions before 0.0.0-20211202192323-5770296d904e
Upgrade to version 0.0.0-20211202192323-5770296d904e or above.
2022-09-19
source |