JLSEC-2026-660

Source
https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-660.md
Import Source
https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-660.json
JSON Data
https://api.osv.dev/v1/vulns/JLSEC-2026-660
Upstream
  • EUVD-2026-37782
  • GHSA-3cfq-4xx4-rmpg
Published
2026-07-10T13:57:40.607Z
Modified
2026-07-10T14:04:59.678707834Z
Severity
  • 8.2 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS Calculator
Summary
libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service...
Details

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can set nrextensions to 0xFFFFFFFF during key exchange, causing the client to spin in a tight CPU loop for over 60 seconds because return values from libssh2get_string() are unchecked and the session timeout does not apply to CPU-bound loops.

Database specific
{
    "sources": [
        {
            "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-55199",
            "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-55199",
            "modified": "2026-06-26T19:16:37.353Z",
            "id": "CVE-2026-55199",
            "imported": "2026-07-09T16:14:55.269Z",
            "published": "2026-06-17T20:17:28.520Z",
            "database_specific": {
                "status": "Analyzed"
            }
        },
        {
            "url": "https://api.github.com/advisories/GHSA-3cfq-4xx4-rmpg",
            "html_url": "https://github.com/advisories/GHSA-3cfq-4xx4-rmpg",
            "modified": "2026-06-17T21:34:45Z",
            "imported": "2026-07-09T16:15:01.193Z",
            "published": "2026-06-17T21:34:39Z",
            "id": "GHSA-3cfq-4xx4-rmpg"
        },
        {
            "url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-37782",
            "published": "2026-06-17T18:44:18Z",
            "html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-37782",
            "imported": "2026-07-09T16:14:57.240Z",
            "id": "EUVD-2026-37782",
            "modified": "2026-06-18T15:31:59Z"
        }
    ],
    "license": "CC-BY-4.0"
}
References

Affected packages

Julia / LibSSH2_jll

Package

Name
LibSSH2_jll
Purl
pkg:julia/LibSSH2_jll?uuid=29816b5a-b9ab-546f-933c-edad1886dfa8

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.102+0

Database specific

source
"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-660.json"