A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. An attacker can craft an authentication request message for the gssapi-with-mic method which will cause NewServerConn to panic via a nil pointer dereference if ServerConfig.GSSAPIWithMICConfig is nil.
NULL Pointer Dereference
NULL Pointer Dereference
NULL Pointer Dereference
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in