[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-17498":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":39,"duplicate_of":9,"upstream":40,"downstream":41,"duplicates":84,"related":85,"reserved_at":9,"published_at":99,"modified_at":100,"state":101,"summary":102,"references_raw":110,"kevs":164,"epss":165,"epss_history":168,"metrics":430,"affected":441},"CVE-2019-17498","In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],[25,34],{"_key":26,"name":27,"source":28,"url":29,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":33,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_LIBSSH2_LIBSSH2","Libssh2","github","https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480","poc",0.3,false,[],{"_key":35,"name":36,"source":28,"url":37,"maturity":30,"reliability_score":31,"verified":32,"type":9,"platforms":38,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_KEVINBACKHOUSE_SECURITYEXPLOITS","Securityexploits","https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498",[],[],[],[42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82],{"_key":43},"ALPINE-CVE-2019-17498",{"_key":45},"SUSE-SU-2019:14206-1",{"_key":47},"SUSE-SU-2019:2900-1",{"_key":49},"RHSA-2020:3915",{"_key":51},"SUSE-RU-2023:4066-1",{"_key":53},"SUSE-SU-2019:14226-1",{"_key":55},"SUSE-SU-2019:2900-2",{"_key":57},"SUSE-SU-2019:2936-1",{"_key":59},"SUSE-SU-2020:3551-1",{"_key":61},"SUSE-RU-2023:4192-1",{"_key":63},"OPENSUSE-SU-2019:2483-1",{"_key":65},"OPENSUSE-SU-2020:2126-1",{"_key":67},"OPENSUSE-SU-2020:2129-1",{"_key":69},"OPENSUSE-SU-2024:10999-1",{"_key":71},"DLA-1991-1",{"_key":73},"DLA-2848-1",{"_key":75},"DLA-3559-1",{"_key":77},"MGASA-2019-0343",{"_key":79},"UBUNTU-CVE-2019-17498",{"_key":81},"DEBIAN-CVE-2019-17498",{"_key":83},"USN-5308-1",[],[86,87,88,89,90,91,92,93,94,95,96,97,98],{"_key":45},{"_key":47},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":77},"2019-10-21T00:00:00.000Z","2024-08-05T01:40:15.913Z","Modified",{"cisa_kev":32,"cisa_ransomware":32,"cisa_vendor":9,"epss_severity":103,"epss_score":104,"severity":105,"severity_score":106,"severity_version":107,"severity_source":108,"severity_vector":109,"severity_status":101},"low",0.0142,"high",8.1,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H",[111,117,122,125,130,135,139,143,148,152,156,160],{"url":29,"sources":112,"tags":114},[113,108],"cve.org",[115,116],"Exploit","Third Party Advisory",{"url":118,"sources":119,"tags":120},"https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/",[113,108],[121],"Broken Link",{"url":37,"sources":123,"tags":124},[113,108],[115,116],{"url":126,"sources":127,"tags":128},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/",[113,108],[129],"Vendor Advisory",{"url":131,"sources":132,"tags":133},"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html",[113,108],[129,134,116],"Mailing List",{"url":136,"sources":137,"tags":138},"https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html",[113,108],[134,116],{"url":140,"sources":141,"tags":142},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/",[113,108],[129],{"url":144,"sources":145,"tags":146},"https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c",[113,108],[147,116],"Patch",{"url":149,"sources":150,"tags":151},"https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html",[113,108],[134,116],{"url":153,"sources":154,"tags":155},"https://security.netapp.com/advisory/ntap-20220909-0004/",[113,108],[116],{"url":157,"sources":158,"tags":159},"http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html",[113,108],[],{"url":161,"sources":162,"tags":163},"https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html",[113,108],[134],[],{"date":166,"score":104,"percentile":167},"2026-06-04",0.8093,[169,173,176,179,182,185,188,191,193,196,199,202,204,207,209,213,216,219,223,227,230,232,235,237,240,243,246,249,252,255,258,261,264,267,270,273,276,279,282,285,288,291,293,296,299,302,305,308,311,313,316,319,322,324,327,330,333,336,339,342,345,348,350,352,355,357,361,364,367,370,373,376,379,381,384,387,390,393,395,398,401,404,407,410,413,416,419,422,425,427],{"date":170,"score":171,"percentile":172},"2025-11-04",0.02028,0.83181,{"date":174,"score":171,"percentile":175},"2025-11-05",0.83185,{"date":177,"score":171,"percentile":178},"2025-11-06",0.83186,{"date":180,"score":171,"percentile":181},"2025-11-07",0.83195,{"date":183,"score":171,"percentile":184},"2025-11-08",0.83202,{"date":186,"score":171,"percentile":187},"2025-11-09",0.83196,{"date":189,"score":171,"percentile":190},"2025-11-10",0.8319,{"date":192,"score":171,"percentile":187},"2025-11-11",{"date":194,"score":171,"percentile":195},"2025-11-12",0.83206,{"date":197,"score":171,"percentile":198},"2025-11-13",0.83211,{"date":200,"score":171,"percentile":201},"2025-11-14",0.83215,{"date":203,"score":171,"percentile":195},"2025-11-15",{"date":205,"score":171,"percentile":206},"2025-11-16",0.83209,{"date":208,"score":171,"percentile":195},"2025-11-17",{"date":210,"score":211,"percentile":212},"2025-11-18",0.02892,0.85088,{"date":214,"score":211,"percentile":215},"2025-11-19",0.85089,{"date":217,"score":211,"percentile":218},"2025-11-20",0.85091,{"date":220,"score":221,"percentile":222},"2025-11-21",0.0152,0.80677,{"date":224,"score":225,"percentile":226},"2025-11-22",0.02205,0.83915,{"date":228,"score":225,"percentile":229},"2025-11-23",0.83906,{"date":231,"score":225,"percentile":229},"2025-11-24",{"date":233,"score":225,"percentile":234},"2025-11-25",0.83902,{"date":236,"score":225,"percentile":234},"2025-11-26",{"date":238,"score":225,"percentile":239},"2025-11-27",0.83901,{"date":241,"score":225,"percentile":242},"2025-11-28",0.83889,{"date":244,"score":225,"percentile":245},"2025-11-29",0.83904,{"date":247,"score":225,"percentile":248},"2025-11-30",0.83907,{"date":250,"score":225,"percentile":251},"2025-12-01",0.83978,{"date":253,"score":225,"percentile":254},"2025-12-02",0.83979,{"date":256,"score":225,"percentile":257},"2025-12-03",0.8398,{"date":259,"score":225,"percentile":260},"2025-12-04",0.83909,{"date":262,"score":171,"percentile":263},"2025-12-05",0.83233,{"date":265,"score":171,"percentile":266},"2025-12-06",0.83229,{"date":268,"score":171,"percentile":269},"2025-12-07",0.83225,{"date":271,"score":171,"percentile":272},"2025-12-08",0.83228,{"date":274,"score":171,"percentile":275},"2025-12-09",0.83239,{"date":277,"score":171,"percentile":278},"2025-12-10",0.83262,{"date":280,"score":171,"percentile":281},"2025-12-11",0.83277,{"date":283,"score":171,"percentile":284},"2025-12-12",0.83285,{"date":286,"score":171,"percentile":287},"2025-12-13",0.83281,{"date":289,"score":171,"percentile":290},"2025-12-14",0.83278,{"date":292,"score":171,"percentile":290},"2025-12-15",{"date":294,"score":171,"percentile":295},"2025-12-16",0.83288,{"date":297,"score":171,"percentile":298},"2025-12-17",0.83297,{"date":300,"score":171,"percentile":301},"2025-12-18",0.83305,{"date":303,"score":171,"percentile":304},"2025-12-19",0.83307,{"date":306,"score":171,"percentile":307},"2025-12-20",0.833,{"date":309,"score":171,"percentile":310},"2025-12-21",0.83299,{"date":312,"score":171,"percentile":310},"2025-12-22",{"date":314,"score":171,"percentile":315},"2025-12-23",0.83306,{"date":317,"score":171,"percentile":318},"2025-12-24",0.83314,{"date":320,"score":171,"percentile":321},"2025-12-25",0.83328,{"date":323,"score":171,"percentile":321},"2025-12-26",{"date":325,"score":171,"percentile":326},"2025-12-27",0.8337,{"date":328,"score":171,"percentile":329},"2025-12-28",0.83315,{"date":331,"score":171,"percentile":332},"2025-12-29",0.8331,{"date":334,"score":171,"percentile":335},"2025-12-30",0.83317,{"date":337,"score":171,"percentile":338},"2025-12-31",0.8333,{"date":340,"score":171,"percentile":341},"2026-01-01",0.834,{"date":343,"score":171,"percentile":344},"2026-01-02",0.83397,{"date":346,"score":171,"percentile":347},"2026-01-03",0.83392,{"date":349,"score":171,"percentile":318},"2026-01-04",{"date":351,"score":171,"percentile":304},"2026-01-05",{"date":353,"score":171,"percentile":354},"2026-01-06",0.83313,{"date":356,"score":171,"percentile":318},"2026-01-07",{"date":358,"score":359,"percentile":360},"2026-01-08",0.02198,0.83966,{"date":362,"score":359,"percentile":363},"2026-01-09",0.83968,{"date":365,"score":359,"percentile":366},"2026-01-10",0.83963,{"date":368,"score":359,"percentile":369},"2026-01-11",0.83962,{"date":371,"score":359,"percentile":372},"2026-01-12",0.83957,{"date":374,"score":359,"percentile":375},"2026-01-13",0.83953,{"date":377,"score":359,"percentile":378},"2026-01-14",0.83972,{"date":380,"score":359,"percentile":378},"2026-01-15",{"date":382,"score":359,"percentile":383},"2026-01-16",0.83982,{"date":385,"score":359,"percentile":386},"2026-01-17",0.83986,{"date":388,"score":359,"percentile":389},"2026-01-18",0.83981,{"date":391,"score":359,"percentile":392},"2026-01-19",0.83976,{"date":394,"score":359,"percentile":251},"2026-01-20",{"date":396,"score":359,"percentile":397},"2026-01-21",0.83983,{"date":399,"score":359,"percentile":400},"2026-01-22",0.83987,{"date":402,"score":359,"percentile":403},"2026-01-23",0.84011,{"date":405,"score":359,"percentile":406},"2026-01-24",0.84021,{"date":408,"score":359,"percentile":409},"2026-01-25",0.84018,{"date":411,"score":359,"percentile":412},"2026-01-26",0.84017,{"date":414,"score":359,"percentile":415},"2026-01-27",0.8402,{"date":417,"score":359,"percentile":418},"2026-01-28",0.84024,{"date":420,"score":359,"percentile":421},"2026-01-29",0.84025,{"date":423,"score":359,"percentile":424},"2026-01-30",0.84028,{"date":426,"score":359,"percentile":424},"2026-01-31",{"date":428,"score":359,"percentile":429},"2026-02-01",0.84097,[431],{"source":108,"cvss_v2_0":432,"cvss_v3_0":9,"cvss_v3_1":437,"cvss_v4_0":9},{"baseScore":433,"baseSeverity":9,"vectorString":434,"impactScore":435,"exploitabilityScore":436},5.8,"AV:N/AC:M/Au:N/C:P/I:N/A:P",4.9,8.6,{"baseScore":106,"baseSeverity":438,"vectorString":109,"impactScore":439,"exploitabilityScore":440},"HIGH",8.7,7.2,[442,453,461,470,477,482,487,492,497,501],{"ecosystem":9,"name":443,"vendor":444,"product":445,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":447},"debian linux","debian","debian_linux","o",[448,451],{"version":449,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"version":452,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":454,"vendor":455,"product":454,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":456},"fedora","fedoraproject",[457,459],{"version":458,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"30",{"version":460,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"31",{"ecosystem":9,"name":462,"vendor":462,"product":462,"cpe_part":463,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":464},"libssh2","a",[465],{"version":466,"is_range":467,"range_type":450,"version_start":9,"version_start_type":9,"version_end":468,"version_end_type":469,"fixed_in":9},"lte1.9.0",true,"1.9.0","including",{"ecosystem":9,"name":471,"vendor":472,"product":473,"cpe_part":463,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":474},"active iq unified manager","netapp","active_iq_unified_manager",[475],{"version":476,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":478,"vendor":472,"product":479,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":480},"bootstrap os","bootstrap_os",[481],{"version":476,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":483,"vendor":472,"product":484,"cpe_part":463,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":485},"element software","element_software",[486],{"version":476,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":488,"vendor":472,"product":489,"cpe_part":463,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":490},"hci management node","hci_management_node",[491],{"version":476,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":493,"vendor":472,"product":494,"cpe_part":463,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":495},"ontap select deploy administration utility","ontap_select_deploy_administration_utility",[496],{"version":476,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":498,"vendor":472,"product":498,"cpe_part":463,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":499},"solidfire",[500],{"version":476,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":502,"vendor":503,"product":502,"cpe_part":446,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":504},"leap","opensuse",[505],{"version":506,"is_range":32,"range_type":450,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.1"]