CVE-2021-30129 – org.apache.sshd:sshd-mina

Package

Manager: maven
Name: org.apache.sshd:sshd-mina
Vulnerable Version: >=2.0.0 <2.7.0

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00228 pctl0.45508

Details

Buffer Overflow in Apache Mina SSHD A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0

Metadata

Created: 2021-08-02T16:54:09Z
Modified: 2021-07-26T23:00:52Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-9279-7hph-r3xw/GHSA-9279-7hph-r3xw.json
CWE IDs: ["CWE-772"]
Alternative ID: GHSA-9279-7hph-r3xw
Finding: F067
Auto approve: 1