If you suspect you have found a security vulnerability in Apache MINA sshd code, please read the ASF Security Policy for how to report the issue. Please do not report the details publicly until the report is reviewed and a fixed version has been published. More details are in the description of the ASF Security Vulnerability Process.