View at Official alpine advisory, NVD, CVE.org · CVE detail
Freshness: no update timestamp found; verify against the upstream OS advisory manually.
CVE-2018-10933: 1 source package rows (libssh); 9 state rows across 9 repos (3.10-main, 3.11-main, 3.17-community, 3.18-community, 3.19-community, 3.20-community, 3.21-community, 3.22-community, edge-community); fixed 9, open 0.
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.