{"id":"CLSA-2026-1774007374","summary":"libssh: Fix of CVE-2026-3731","details":"- CVE-2026-3731: Validate idx and add bounds checks; prevent out-of-bounds read\n  in SFTP Extension Name Handler via manipulated idx.","modified":"2026-05-27T11:18:18.302594090Z","published":"2026-03-20T11:49:39Z","upstream":["CVE-2026-3731"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2026-1774007374.html"}],"affected":[{"package":{"name":"libssh","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/libssh?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.6-14.el8.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1774007374.json"}},{"package":{"name":"libssh-config","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/libssh-config?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.6-14.el8.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1774007374.json"}},{"package":{"name":"libssh-devel","ecosystem":"TuxCare:CentOS-Stream:8","purl":"pkg:rpm/tuxcare/libssh-devel?distro=centos-stream-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.9.6-14.el8.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2026-1774007374.json"}}],"schema_version":"1.7.5"}