Python/paramiko/3.5.0

SSH2 protocol library

Repo Link: https://pypi.org/project/paramiko
License: LGPL-3.0-or-later

1 Security Vulnerabilities

Paramiko rsakey.py allows the SHA-1 algorithm

Published date: 2026-05-06T00:31:33Z

CVE: CVE-2026-44405

Links:

In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm.

Affected versions: ["1.10.1", "1.10.5", "1.16.1", "1.17.6", "1.5.2", "2.0.1", "2.0.4", "1.10.0", "1.10.7", "1.13.1", "1.18.2", "1.18.3", "1.5.4", "1.7", "1.7.2", "0.1-bulbasaur", "0.9-doduo", "0.9-fearow", "1.10.3", "1.11.0", "1.14.2", "1.17.2", "1.3.1", "1.7.1", "1.7.5", "0.9-horsea", "1.1", "1.10.6", "1.11.1", "1.12.2", "1.14.0", "1.15.0", "1.15.3", "1.17.0", "1.17.1", "1.17.3", "1.3", "1.6.3", "1.7.7.1", "2.0.6", "2.0.7", "2.0.8", "0.1-charmander", "0.9-eevee", "1.0", "1.10.2", "1.10.4", "1.15.1", "1.15.4", "1.17.5", "1.18.1", "1.18.4", "1.8.1", "2.0.0", "2.1.5", "2.1.6", "2.4.3", "2.5.1", "2.1.2", "2.1.4", "2.2.0", "2.2.4", "2.3.3", "0.9-gyarados", "1.12.0", "1.15.2", "1.16.2", "1.18.0", "1.4", "1.5.1", "1.6.1", "2.0.5", "2.1.3", "2.3.1", "2.5.0", "2.2.3", "2.6.0", "1.11.3", "1.11.4", "1.12.1", "1.13.4", "1.17.4", "1.18.5", "1.2", "1.6.2", "1.6.4", "1.7.6", "1.8.0", "1.9.0", "2.0.3", "2.0.9", "2.1.0", "2.3.0", "2.4.2", "2.7.1", "2.1.1", "2.2.2", "2.4.0", "2.7.2", "0.9-ivysaur", "1.11.2", "1.11.5", "1.11.6", "1.12.3", "1.12.4", "1.13.0", "1.13.2", "1.13.3", "1.14.1", "1.14.3", "1.15.5", "1.16.0", "1.16.3", "1.6", "1.7.4", "1.7.7.2", "2.0.2", "2.4.1", "2.7.0", "2.2.1", "2.3.2", "2.8.0", "2.8.1", "2.9.0", "2.9.1", "2.9.2", "2.10.0", "2.10.1", "2.10.2", "2.10.3", "2.9.3", "2.10.4", "2.9.4", "2.10.5", "2.11.0", "2.9.5", "2.10.6", "2.12.0", "2.11.1", "3.0.0", "3.1.0", "3.2.0", "3.3.1", "3.3.0", "3.4.0", "3.4.1", "3.3.2", "3.5.0", "3.5.1", "4.0.0"]

Secure versions: [5.0.0]

Recommendation: Update to version 5.0.0.

151 Other Versions

Version	License	Security	Released
0.9-ivysaur	LGPL-3.0-or-later	3	2012-09-26 - 22:38	over 13 years