GHSA-9279-7hph-r3xw
Suggest an improvement- Source
- https://github.com/advisories/GHSA-9279-7hph-r3xw
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-9279-7hph-r3xw/GHSA-9279-7hph-r3xw.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-9279-7hph-r3xw
- Aliases
- Published
- 2021-08-02T16:54:09Z
- Modified
- 2023-11-01T04:55:15.389173Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- Buffer Overflow in Apache Mina SSHD
- Details
-
A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0
- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2021-30129
- https://issues.apache.org/jira/browse/SSHD-1125
- https://lists.apache.org/thread.html/r6d4f78e192a0c8eabd671a018da464024642980ecd24096bde6db36f%40%3Cusers.mina.apache.org%3E
- https://lists.apache.org/thread.html/r6d4f78e192a0c8eabd671a018da464024642980ecd24096bde6db36f@%3Cusers.mina.apache.org%3E
- https://lists.apache.org/thread.html/red01829efa2a8c893c4baff4f23c9312bd938543a9b8658e172b853b@%3Cannounce.apache.org%3E
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- http://www.openwall.com/lists/oss-security/2021/07/12/1
Affected packages
Maven / org.apache.sshd:sshd-mina
Package
- Name
- org.apache.sshd:sshd-mina
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.sshd/sshd-mina
Maven / org.apache.sshd:sshd-core
Package
- Name
- org.apache.sshd:sshd-core
- View open source insights on deps.dev
- Purl
- pkg:maven/org.apache.sshd/sshd-core