{"id":"CVE-2022-27191","details":"The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving AddHostKey.","aliases":["GHSA-8c26-wmh5-6g9v","GO-2021-0356"],"modified":"2026-04-16T04:35:23.309751556Z","published":"2022-03-18T07:15:06.750Z","related":["ALSA-2022:7469","ALSA-2022:7954","ALSA-2022:8008","CGA-cqvw-g26v-5q76","SUSE-SU-2022:1507-1","SUSE-SU-2022:1689-1","SUSE-SU-2022:2834-1","SUSE-SU-2022:2839-1","SUSE-SU-2022:2839-2","SUSE-SU-2022:4409-1","SUSE-SU-2022:4463-1","SUSE-SU-2023:2183-1","SUSE-SU-2023:2185-1","SUSE-SU-2023:2187-1","SUSE-SU-2023:2579-1","SUSE-SU-2024:0191-1","SUSE-SU-2025:03540-1","SUSE-SU-2025:03545-1","openSUSE-SU-2024:0319-1","openSUSE-SU-2024:12400-1","openSUSE-SU-2024:12490-1","openSUSE-SU-2024:12550-1","openSUSE-SU-2024:12637-1","openSUSE-SU-2024:13225-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZQNPPQWSTP2IX7SHE6TS4SP4EVMI5EZK/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HHGBEGJ54DZZGTXFUQNS7ZIG3E624YAF/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QTFOIDHQRGNI4P6LYN6ILH5G443RYYKB/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZFUNHFHQVJSADNH7EZ3B53CYDZVEEPBP/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DLUJZV3HBP56ADXU6QH2V7RNYUPMVBXQ/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZ3S7LB65N54HXXBCB67P4TTOHTNPP5O/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J5WPM42UR6XIBQNQPNQHM32X7S4LJTRX/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YHYRQB7TRMHDB3NEHW5XBRG7PPMUTPGV/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220429-0002/"},{"type":"ADVISORY","url":"https://groups.google.com/g/golang-announce"},{"type":"ADVISORY","url":"https://groups.google.com/g/golang-announce/c/-cp44ypCT5s"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"0.0.0-20220314234659-1baeb1ce4c0b"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"34"}]},{"events":[{"introduced":"0"},{"last_affected":"35"}]},{"events":[{"introduced":"0"},{"last_affected":"36"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-27191.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}