Export limit exceeded: 364529 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364529 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 364529 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (2 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-54591 | 1 Ronf | 1 Asyncssh | 2026-07-10 | 8.1 High |
| AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the asyncssh SCP client's filesystem by sending filenames containing ../ traversal sequences because _parse_cd_args in scp.py returns server-provided names verbatim and _recv_files joins them to the destination path without enforcing the target directory boundary. This issue is fixed in version 2.23.1. | ||||
| CVE-2026-54590 | 1 Ronf | 1 Asyncssh | 2026-07-10 | 5.9 Medium |
| AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig._set_tokens that blocks /, , and .. before %u substitution in AuthorizedKeysFile but does not block a leading ~ or ${ENV}, allowing later expansion in _expand_val and Path(filename).expanduser() to escape the intended authorized-keys directory. This issue is fixed in version 2.23.1. | ||||
Page 1 of 1.