[automatic] Publish 2 advisories for LibSSH2_jll (#198)

jlsec-bot · mbauman · web-flow · commit 385ad1c63a60 · 2025-10-27T11:44:17.000-04:00
* [create-pull-request] automated change

* Update advisories/published/2025/JLSEC-2025-95.md

---------

Co-authored-by: mbauman &lt;154641+mbauman@users.noreply.github.com&gt;
Co-authored-by: Matt Bauman &lt;mbauman@juliahub.com&gt;
diff --git a/advisories/published/2025/JLSEC-0000-mns8yw7md-oz97tn.md b/advisories/published/2025/JLSEC-0000-mns8yw7md-oz97tn.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns8yw7md-oz97tn"
+modified = 2025-10-21T17:13:02.869Z
+upstream = ["CVE-2019-17498"]
+references = ["http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", "http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html", "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c", "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/", "https://security.netapp.com/advisory/ntap-20220909-0004/", "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", "http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html", "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c", "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/", "https://security.netapp.com/advisory/ntap-20220909-0004/"]
+
+[[affected]]
+pkg = "LibSSH2_jll"
+ranges = ["< 1.10.1+0"]
+
+[[jlsec_sources]]
+id = "CVE-2019-17498"
+imported = 2025-10-21T17:13:02.869Z
+modified = 2024-11-21T04:32:22.850Z
+published = 2019-10-21T22:15:10.523Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2019-17498"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2019-17498"
+```
+
+# In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer over...
+
+In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.
+
diff --git a/advisories/published/2025/JLSEC-0000-mns8yw7me-1ry022h.md b/advisories/published/2025/JLSEC-0000-mns8yw7me-1ry022h.md
@@ -0,0 +1,24 @@
+```toml
+schema_version = "1.7.3"
+id = "JLSEC-0000-mns8yw7me-1ry022h"
+modified = 2025-10-21T17:13:02.870Z
+upstream = ["CVE-2020-22218"]
+references = ["https://github.com/libssh2/libssh2/pull/476", "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", "https://security.netapp.com/advisory/ntap-20231006-0002/", "https://github.com/libssh2/libssh2/pull/476", "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", "https://security.netapp.com/advisory/ntap-20231006-0002/"]
+
+[[affected]]
+pkg = "LibSSH2_jll"
+ranges = [">= 1.10.1+0, < 1.11.0+0"]
+
+[[jlsec_sources]]
+id = "CVE-2020-22218"
+imported = 2025-10-21T17:13:02.870Z
+modified = 2024-11-21T05:13:11.797Z
+published = 2023-08-22T19:16:19.120Z
+url = "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2020-22218"
+html_url = "https://nvd.nist.gov/vuln/detail/CVE-2020-22218"
+```
+
+# An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access...
+
+An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.
+
