CVE-2021-30129 – org.apache.sshd:sshd-core

Package

Manager: maven
Name: org.apache.sshd:sshd-core
Vulnerable Version: >=2.0.0 <2.7.0

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00228 pctl0.45497

Details

Buffer Overflow in Apache Mina SSHD A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0

Metadata

Created: 2021-08-02T16:54:09Z
Modified: 2021-07-26T23:00:52Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-9279-7hph-r3xw/GHSA-9279-7hph-r3xw.json
CWE IDs: ["CWE-772"]
Alternative ID: GHSA-9279-7hph-r3xw
Finding: F067
Auto approve: 1