CLSA-2026-1778159627

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1778159627.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1778159627
Upstream
Published
2026-05-08T11:40:09Z
Modified
2026-05-27T11:18:21.617536053Z
Summary
libssh2: Fix of 2 CVEs
Details
  • CVE-2019-13115: add bounds-checked stringbuf helpers and use them in diffiehellman_sha1() to prevent out-of-bounds read on malformed KEX reply
  • CVE-2019-17498: harden bounds checks in SSHMSGDISCONNECT, SSHMSGDEBUG and SSHMSGGLOBAL_REQUEST handlers to prevent integer overflow / out-of-bounds read
References

Affected packages

TuxCare:CentOS:6 / libssh2

Package

Name
libssh2
Purl
pkg:rpm/tuxcare/libssh2?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2-3.0.1.el6_10.1.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1778159627.json"

TuxCare:CentOS:6 / libssh2-devel

Package

Name
libssh2-devel
Purl
pkg:rpm/tuxcare/libssh2-devel?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2-3.0.1.el6_10.1.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1778159627.json"

TuxCare:CentOS:6 / libssh2-docs

Package

Name
libssh2-docs
Purl
pkg:rpm/tuxcare/libssh2-docs?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.4.2-3.0.1.el6_10.1.tuxcare.els3

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1778159627.json"