Sign In

CVE-2021-43565

ADVISORY - github

Summary

The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an unauthenticated attacker to panic an SSH server. When using AES-GCM or ChaCha20Poly1305, consuming a malformed packet which contains an empty plaintext causes a panic.

EPSS Score: 0.00012 (0.011)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo

ADVISORY - gitlab

CWE-1035

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-937

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

ADVISORY - redhat

CWE-20

Improper Input Validation

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2021-43565
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-noinfo

CVSS SCORE

7.5high

GitHub

CREATED

UPDATED

ADVISORY IDGHSA-gwc9-m7rh-j2ww
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5high

Debian

CREATED

UPDATED

ADVISORY IDCVE-2021-43565
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2021-43565
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

GoLang

CREATED

UPDATED

ADVISORY IDGO-2022-0968
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

GitLab

CREATED

UPDATED

ADVISORY ID

CVE-2021-43565

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-1035CWE-937

CVSS SCORE

7.5high

Amazon

CREATED

UPDATED

ADVISORY IDALAS-2023-1825
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

UPDATED

ADVISORY IDALAS-2023-1866
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

UPDATED

ADVISORY IDALAS2-2023-2238
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

UPDATED

ADVISORY IDALAS2-2023-2303
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

UPDATED

ADVISORY IDALAS2023-2023-339
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

UPDATED

ADVISORY IDALAS2023-2023-388
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2021-43565
EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-20

CVSS SCORE

7.5medium

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-2ppg-47v6-f439

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-42c5-p2f2-h5g8

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-594w-mv7g-h3x7

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-7x84-j4gp-wx87

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-gqfm-557c-7735

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-qp4q-5c4r-x82g

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY

Chainguard

CREATED

UPDATED

ADVISORY ID

CGA-r8cw-3rv5-559v

EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
RATING UNAVAILABLE FROM ADVISORY