Vulnerability	Vulnerable Version
H Directory Traversal Affected versions of this package are vulnerable to Directory Traversal via the `AuthorizedKeysFile` `%u` token. An attacker can gain unauthorized SSH authentication by supplying a specially crafted username containing path traversal sequences, allowing the server to read an attacker-controlled authorized-keys file outside the intended directory. Note: This is only exploitable if all the following are true: The server is configured with an `AuthorizedKeysFile` pattern containing `%u`. Public-key authentication is enabled. The attacker can place or reference a readable authorized-keys-format file outside the intended directory. The application does not separately reject usernames containing `/`, `\`, or `..` before use. How to fix Directory Traversal? Upgrade `asyncssh` to version 2.23.0 or higher.	[,2.23.0)

Directory Traversal

Affected versions of this package are vulnerable to Directory Traversal via the AuthorizedKeysFile %u token. An attacker can gain unauthorized SSH authentication by supplying a specially crafted username containing path traversal sequences, allowing the server to read an attacker-controlled authorized-keys file outside the intended directory.

Note: This is only exploitable if all the following are true:

The server is configured with an AuthorizedKeysFile pattern containing %u.
Public-key authentication is enabled.
The attacker can place or reference a readable authorized-keys-format file outside the intended directory.
The application does not separately reject usernames containing /, \, or .. before use.

How to fix Directory Traversal?

Upgrade asyncssh to version 2.23.0 or higher.

[,2.23.0)

Go back to all versions of this package