Nixpkgs security tracker
3.1 LOW
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): HIGH
- Privileges required (PR): LOW
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): LOW
- Availability impact (A): NONE
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of …
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
References
Affected products
- <10.3
Matching in nixpkgs
pkgs.openssh
Implementation of the SSH protocol
pkgs.opensshTest
Implementation of the SSH protocol
pkgs.openssh_hpn
Implementation of the SSH protocol with high performance networking patches
pkgs.openssh_gssapi
Implementation of the SSH protocol with GSSAPI support
pkgs.openssh-askpass
A passphrase dialog for OpenSSH and GTK
pkgs.opensshWithKerberos
Implementation of the SSH protocol
pkgs.openssh_hpnWithKerberos
Implementation of the SSH protocol with high performance networking patches
pkgs.perlPackages.NetOpenSSH
Perl SSH client package implemented on top of OpenSSH
pkgs.perl5Packages.NetOpenSSH
Perl SSH client package implemented on top of OpenSSH
pkgs.lxqt.lxqt-openssh-askpass
GUI to query passwords on behalf of SSH agents
pkgs.perl538Packages.NetOpenSSH
Perl SSH client package implemented on top of OpenSSH
pkgs.perl540Packages.NetOpenSSH
Perl SSH client package implemented on top of OpenSSH
Package maintainers
-
@romildo José Romildo Malaquias <malaquias@gmail.com>
-
@philiptaron Philip Taron <philip.taron@gmail.com>
-
@helsinki-Jo Joachim Ernst <joachim.ernst@helsinki-systems.de>
-
@dasJ Janne Heß <janne@hess.ooo>
-
@Conni2461 Simon Hauser <simon-hauser@outlook.com>
-
@wahjava Ashish SHUKLA <ashish.is@lostca.se>
-
@n3tshift n3tshift <n3tshift@tilde.pink>