VDB

GCVE-VVD-MAGEIA-2018-204

GCVE-VVD-MAGEIA-2018-204
Advisory Published
Vulnetix · Advisory published April 15, 2018
A flaw was found in the implementation of `transport.py` in Paramiko, which did not properly check whether authentication was completed before processing other requests. A customized SSH client could simply skip the authentication step (CVE-2018-7750). This flaw is a user authentication bypass in the SSH Server functionality of Paramiko. Where Paramiko is used only for its client-side functionality (e.g. `paramiko.SSHClient`), the vulnerability is not exposed and thus cannot be exploited.
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiapython-paramiko0 (affected), 2.0.8-1.mga6 (unaffected)

References

Updated python-paramiko packages fix security vulnerability
advisory
Updated python-paramiko packages fix security vulnerability
issue
Updated python-paramiko packages fix security vulnerability
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›