Uploaded image for project: 'Qt Creator'
  1. Qt Creator
  2. QTCREATORBUG-13339

SSH Client Does Not Verify Hostkey Fingerprints

    XMLWordPrintable

Details

    • 62a83f911365eab71e7260484517ef6c739d5192

    Description

      The ssh client in qt creator does not check the fingerprint of the remote device, leading to a trivial man in the middle attack.

      This is a security bug, which will likely require a CVE assigned.

      This affects all versions.

      Attachments

        For Gerrit Dashboard: QTCREATORBUG-13339
        # Subject Branch Project Status CR V
        99684,8 SSH: implement host key checking. master qt-creator/qt-creator Status: MERGED +2 0

        Activity

          People

            kandeler Christian Kandeler
            zx2c4 Jason A. Donenfeld
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes