UBUNTU-CVE-2017-3204
- Source
- https://ubuntu.com/security/CVE-2017-3204
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-3204.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2017-3204
- Upstream
- Published
- 2017-04-04T14:59:00Z
- Modified
- 2026-04-17T09:42:21.859056Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Ubuntu - low
- Summary
- [none]
- Details
-
The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism.
- References
Affected packages
Ubuntu:22.04:LTS
snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.74.1+ubuntu22.04.4?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.53+21.10ubuntu1
2.54.2+22.04ubuntu1
2.54.2+22.04ubuntu2
2.54.2+22.04ubuntu3
2.54.3+git19.g868fc21+22.04
2.54.3+git26.g360067e+22.04
2.55.2+22.04
2.55.2+22.04.1
2.55.3+22.04
2.55.3+22.04ubuntu1
2.55.5+22.04
2.56.2+22.04ubuntu1
2.57.4+22.04
2.57.5+22.04
2.57.5+22.04ubuntu0.1
2.58+22.04
2.58+22.04.1
2.61.3+22.04
2.62+22.04
2.63+22.04
2.63+22.04ubuntu0.1
2.65.3+22.04
2.66.1+22.04
2.67.1+22.04
2.68.5+ubuntu22.04.1
2.71+ubuntu22.04
2.72+ubuntu22.04
2.73+ubuntu22.04
2.73+ubuntu22.04.1
2.74.1+ubuntu22.04.4
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "snap-confine",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "snapd",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.74.1+ubuntu22.04.4"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.74.1+ubuntu22.04.4"
}
]
}Ubuntu:24.04:LTS
snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.74.1+ubuntu24.04.4?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.60.4+23.10
2.61.3+24.04
2.62+24.04build1
2.63+24.04
2.63+24.04ubuntu0.1
2.63.1+24.04
2.65.3+24.04
2.66.1+24.04
2.67.1+24.04
2.68.5+ubuntu24.04.1
2.71+ubuntu24.04
2.72+ubuntu24.04
2.73+ubuntu24.04
2.73+ubuntu24.04.1
2.73+ubuntu24.04.2
2.74.1+ubuntu24.04.4
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "snap-confine",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "snapd",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.74.1+ubuntu24.04.4"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.74.1+ubuntu24.04.4"
}
]
}Ubuntu:25.10
snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.74.1+ubuntu25.10.4?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.67.1+25.04
2.68.5+ubuntu25.10.2
2.71+ubuntu25.10
2.71.1+ubuntu25.10.1
2.72+ubuntu25.10.2
2.73+ubuntu25.10
2.73+ubuntu25.10.1
2.74.1+ubuntu25.10.4
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "snap-confine",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "snapd",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.74.1+ubuntu25.10.4"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.74.1+ubuntu25.10.4"
}
]
}Ubuntu:Pro:16.04:LTS
golang-go.crypto
Package
- Name
- golang-go.crypto
- Purl
- pkg:deb/ubuntu/golang-go.crypto@1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1:0.*
1:0.0~git20150608-1
1:0.0~git20151201.0.7b85b09-2
1:0.0~git20151201.0.7b85b09-2ubuntu0.1~esm1
snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.61.4ubuntu0.16.04.1+esm2?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.9
1.9.1.1
1.9.2
2.*
2.0
2.0.1
2.0.2
2.0.3
2.0.5
2.0.8
2.0.9
2.0.10
2.11+0.16.04
2.12+0.16.04
2.13
2.14.2~16.04
2.15.2ubuntu1
2.16ubuntu3
2.17.1ubuntu1
2.20.1ubuntu1
2.21
2.22.2
2.22.3
2.22.6
2.23.1
2.24.1
2.25
2.26.10
2.27.5
2.28.5
2.29.4.2
2.32.3.2
2.32.9
2.33.1ubuntu2
2.34.2
2.34.2ubuntu0.1
2.37.4
2.37.4ubuntu0.1
2.38
2.39.2
2.39.2ubuntu0.2
2.40
2.42.1
2.45.1
2.45.1ubuntu0.2
2.46.1
2.47.1
2.48
2.48.3
2.54.3+16.04~esm2
2.54.3+16.04.0ubuntu0.1~esm3
2.54.3+16.04.0ubuntu0.1~esm4
2.54.3+16.04.0ubuntu0.1~esm5
2.54.3+16.04.0ubuntu0.1~esm6
2.61.4ubuntu0.16.04.1+esm1
2.61.4ubuntu0.16.04.1+esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "snap-confine",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "snapd",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.61.4ubuntu0.16.04.1+esm2"
}
]
}Ubuntu:Pro:18.04:LTS
snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.61.4ubuntu0.18.04.1+esm2?arch=source&distro=esm-infra/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.28.5+17.10
2.29.4.1+18.04
2.29.4.2+18.04
2.31.1+18.04
2.32+18.04~pre5
2.32+18.04~pre6
2.32+18.04
2.32.3.2+18.04
2.32.5+18.04
2.32.8+18.04
2.32.9+18.04
2.33.1+18.04ubuntu2
2.34.2+18.04
2.34.2+18.04.1
2.37.1+18.04
2.37.1.1+18.04
2.37.4+18.04
2.37.4+18.04.1
2.38+18.04
2.39.2+18.04
2.40+18.04
2.42.1+18.04
2.45.1+18.04
2.45.1+18.04.2
2.46.1+18.04
2.47.1+18.04
2.48+18.04
2.48.3+18.04
2.49.2+18.04
2.51.1+18.04
2.54.2+18.04ubuntu1
2.54.3+18.04
2.54.3+18.04.2ubuntu0.1
2.54.3+18.04.2ubuntu0.2
2.55.5+18.04
2.57.5+18.04
2.57.5+18.04ubuntu0.1
2.58+18.04
2.58+18.04.1
2.61.4ubuntu0.18.04.1+esm1
2.61.4ubuntu0.18.04.1+esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "snap-confine",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "snapd",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.61.4ubuntu0.18.04.1+esm2"
}
]
}Ubuntu:Pro:20.04:LTS
snapd
Package
- Name
- snapd
- Purl
- pkg:deb/ubuntu/snapd@2.67.1+20.04ubuntu1~esm1?arch=source&distro=esm-infra/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
2.*
2.41+19.10.1
2.42.1+20.04
2.43.3+git1.8109f8
2.44~pre1+20.04
2.44+20.04
2.44.2+20.04
2.44.3+20.04
2.45.1+20.04
2.45.1+20.04.2
2.46.1+20.04
2.47.1+20.04
2.48+20.04
2.48.3+20.04
2.49.2+20.04
2.51.1+20.04ubuntu2
2.54.2+20.04ubuntu2
2.54.3+20.04
2.54.3+20.04.1
2.54.3+20.04.1ubuntu0.1
2.54.3+20.04.1ubuntu0.2
2.54.3+20.04.1ubuntu0.3
2.55.5+20.04
2.57.5+20.04
2.57.5+20.04ubuntu0.1
2.58+20.04
2.58+20.04.1
2.61.3+20.04
2.62+20.04
2.63+20.04
2.63+20.04ubuntu0.1
2.65.3+20.04
2.66.1+20.04
2.67.1+20.04
2.67.1+20.04ubuntu1~esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "golang-github-snapcore-snapd-dev",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "golang-github-ubuntu-core-snappy-dev",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "snap-confine",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "snapd",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "snapd-xdg-open",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "ubuntu-core-launcher",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "ubuntu-core-snapd-units",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "ubuntu-snappy",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
},
{
"binary_name": "ubuntu-snappy-cli",
"binary_version": "2.67.1+20.04ubuntu1~esm1"
}
]
}