Export limit exceeded: 47242 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (2 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-54591 1 Ronf 1 Asyncssh 2026-07-10 8.1 High
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Prior to 2.23.1, a malicious SSH server can write arbitrary files on the asyncssh SCP client's filesystem by sending filenames containing ../ traversal sequences because _parse_cd_args in scp.py returns server-provided names verbatim and _recv_files joins them to the destination path without enforcing the target directory boundary. This issue is fixed in version 2.23.1.
CVE-2026-54590 1 Ronf 1 Asyncssh 2026-07-10 5.9 Medium
AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig._set_tokens that blocks /, , and .. before %u substitution in AuthorizedKeysFile but does not block a leading ~ or ${ENV}, allowing later expansion in _expand_val and Path(filename).expanduser() to escape the intended authorized-keys directory. This issue is fixed in version 2.23.1.