vulnerability
FreeBSD: VID-6190c0cd-b945-11ea-9401-2dcf562daa69 (CVE-2020-14002): PuTTY -- Release 0.74 fixes two security vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Jun 28, 2020 | Jun 29, 2020 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Jun 28, 2020
Added
Jun 29, 2020
Modified
Dec 10, 2025
Description
Simon Tatham reports: [Release 0.74] fixes the following security issues: New configuration option to disable PuTTY's default policy of changing its host key algorithm preferences to prefer keys it already knows. (There is a theoretical information leak in this policy.) [CVE-2020-14002] In some situations an SSH server could cause PuTTY to access freed mdmory by pretending to accept an SSH key and then refusing the actual signature. It can only happen if you're using an SSH agent.
Solutions
freebsd-upgrade-package-puttyfreebsd-upgrade-package-putty-gtk2freebsd-upgrade-package-putty-nogtk
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.