1. CVE-Search
  2. CVE-2022-27191
ID CVE-2022-27191
Summary The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.
References
Vulnerable Configurations
  • cpe:2.3:a:golang:ssh:0.0.0-20200622213623-75b288015ac9:*:*:*:*:*:*:*
    cpe:2.3:a:golang:ssh:0.0.0-20200622213623-75b288015ac9:*:*:*:*:*:*:*
  • cpe:2.3:a:golang:ssh:0.0.0-20201203163018-be400aefbc4c:*:*:*:*:*:*:*
    cpe:2.3:a:golang:ssh:0.0.0-20201203163018-be400aefbc4c:*:*:*:*:*:*:*
  • cpe:2.3:a:golang:ssh:0.0.0-20201216223049-8b5274cf687f:*:*:*:*:*:*:*
    cpe:2.3:a:golang:ssh:0.0.0-20201216223049-8b5274cf687f:*:*:*:*:*:*:*
  • cpe:2.3:a:golang:ssh:0.0.0-20201217014255-9d1352758620:*:*:*:*:*:*:*
    cpe:2.3:a:golang:ssh:0.0.0-20201217014255-9d1352758620:*:*:*:*:*:*:*
  • cpe:2.3:a:golang:ssh:0.0.0-20201221181555-eec23a3978ad:*:*:*:*:*:*:*
    cpe:2.3:a:golang:ssh:0.0.0-20201221181555-eec23a3978ad:*:*:*:*:*:*:*
  • cpe:2.3:a:golang:ssh:0.0.0-20210421170649-83a5a9bb288b:*:*:*:*:*:*:*
    cpe:2.3:a:golang:ssh:0.0.0-20210421170649-83a5a9bb288b:*:*:*:*:*:*:*
  • cpe:2.3:a:golang:ssh:0.0.0-20210817164053-32db794688a5:*:*:*:*:*:*:*
    cpe:2.3:a:golang:ssh:0.0.0-20210817164053-32db794688a5:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
  • cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 08-08-2023 - 14:22)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
Last major update 08-08-2023 - 14:22
Published 18-03-2022 - 07:15
Last modified 08-08-2023 - 14:22
Back to Top