Matthijs Kooijman discovered that Paramiko's SSH server implementation did not properly require authentication before processing requests. An unauthenticated remote attacker could possibly use this to execute arbitrary code.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "1.16.0-1ubuntu0.1", "binary_name": "paramiko-doc" }, { "binary_version": "1.16.0-1ubuntu0.1", "binary_name": "python-paramiko" }, { "binary_version": "1.16.0-1ubuntu0.1", "binary_name": "python3-paramiko" } ] }