CVE-2020-16135

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-16135

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-16135.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-16135

Downstream

ALPINE-CVE-2020-16135

DEBIAN-CVE-2020-16135

DLA-2303-1

RHSA-2021:4387

RHSA-2021:4750

SUSE-SU-2024:0525-1

SUSE-SU-2024:0539-1

UBUNTU-CVE-2020-16135

USN-4447-1

openSUSE-SU-2024:10998-1

Related

Published

2020-07-29T21:15:13Z

Modified

2025-10-21T05:41:51.154930Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if sshbuffernew returns NULL.

References

Affected packages

Git / gitlab.com/libssh/libssh-mirror

Affected ranges

Type: GIT
Repo: https://gitlab.com/libssh/libssh-mirror
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

9e9df6124454e2b2b5388644c90562c6a85c597d

Affected versions

libssh-0.*

libssh-0.8.0

libssh-0.9.0

libssh-0.9.1

libssh-0.9.2

libssh-0.9.3

libssh-0.9.4

Other

release-0-3-0