RHV and the conditions of CVE-2019-3855, CVE-2019-3856, CVE-2019-3857 and CVE-2019-3863
Issue
CVE-2019-3855, CVE-2019-3856, CVE-2019-3857 and CVE-2019-3863 are the vulnerabilities of libssh2. Each CVE description contains the following same statement.
Statement
This flaw was present in libssh2 packages included in Red Hat Virtualization Hypervisor and
Management Appliance, however libssh2 in these hosts is never exposed to malicious
clients or servers.
What does the above statement mean? Does this mean that these vulnerabilities do not occur in Red Hat Virtualization Hypervisor or Management Appliance?
Environment
- Red Hat Virtualization (RHV)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.