Package Instance

reference_id

AVG-110

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12062

reference_url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1010
reference_id	CVE-2016-10010
reference_type	exploit
scores
url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1010

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt
reference_id	CVE-2016-10010
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt

reference_url	https://usn.ubuntu.com/3538-1/
reference_id	USN-3538-1
reference_type
scores
url	https://usn.ubuntu.com/3538-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-10010

risk_score 10.0

exploitability 2.0

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4fj8-vfgx-pyh9

url VCID-87uy-3q5r-r3b7

vulnerability_id VCID-87uy-3q5r-r3b7

summary openssh: scp can send duplicate responses to the server upon a utimes system call failure leading to overwrite of arbitrary files

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json

reference_url

reference_id

reference_type

scores

value	0.00828
scoring_system	epss
scoring_elements	0.74452
published_at	2026-04-01T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74456
published_at	2026-04-02T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74483
published_at	2026-04-04T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74457
published_at	2026-04-07T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74489
published_at	2026-04-08T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74505
published_at	2026-04-09T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74527
published_at	2026-04-11T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74508
published_at	2026-04-12T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.745
published_at	2026-04-13T12:55:00Z

value	0.00828
scoring_system	epss
scoring_elements	0.74537
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-12062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1854145
reference_id	1854145
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1854145

fixed_packages

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3

aliases CVE-2020-12062

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-87uy-3q5r-r3b7

url VCID-a7kr-mfau-bufd

vulnerability_id VCID-a7kr-mfau-bufd

summary regression update

references

fixed_packages

url pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

purl pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-zncv-645p-f3gn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2

aliases DSA-4539-2 openssh

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7kr-mfau-bufd

url VCID-aaue-a343-u7f5

vulnerability_id VCID-aaue-a343-u7f5

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6563.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6563.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-6563

reference_id

reference_type

scores

value	0.00099
scoring_system	epss
scoring_elements	0.2761
published_at	2026-04-01T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.2765
published_at	2026-04-02T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27687
published_at	2026-04-04T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.2748
published_at	2026-04-07T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27548
published_at	2026-04-08T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.2759
published_at	2026-04-09T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27595
published_at	2026-04-11T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27551
published_at	2026-04-12T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27494
published_at	2026-04-13T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27501
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-6563

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252844
reference_id	1252844
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252844

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711
reference_id	795711
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711

reference_url	https://security.gentoo.org/glsa/201512-04
reference_id	GLSA-201512-04
reference_type
scores
url	https://security.gentoo.org/glsa/201512-04

reference_url	https://access.redhat.com/errata/RHSA-2015:2088
reference_id	RHSA-2015:2088
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2088

reference_url	https://access.redhat.com/errata/RHSA-2016:0741
reference_id	RHSA-2016:0741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0741

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2015-6563

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aaue-a343-u7f5

url VCID-bdnh-bkx5-h3fe

vulnerability_id VCID-bdnh-bkx5-h3fe

summary openssh: out-of-bounds read in packet handling code

references

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json

reference_url	https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0
reference_id
reference_type
scores
url	https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1907

reference_id

reference_type

scores

value	0.00474
scoring_system	epss
scoring_elements	0.64802
published_at	2026-04-16T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64764
published_at	2026-04-13T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64681
published_at	2026-04-01T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64733
published_at	2026-04-02T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64761
published_at	2026-04-04T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64724
published_at	2026-04-07T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64771
published_at	2026-04-08T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64786
published_at	2026-04-09T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64803
published_at	2026-04-11T12:55:00Z

value	0.00474
scoring_system	epss
scoring_elements	0.64791
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1907

reference_url	https://bto.bluecoat.com/security-advisory/sa109
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa109

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

reference_url	http://www.openssh.com/txt/release-7.1p2
reference_id
reference_type
scores
url	http://www.openssh.com/txt/release-7.1p2

reference_url	http://www.securityfocus.com/bid/81293
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81293

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1298746
reference_id	1298746
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1298746

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.9:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:7.0:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:7.1:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1907

reference_id

CVE-2016-1907

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1907

reference_url	https://usn.ubuntu.com/2966-1/
reference_id	USN-2966-1
reference_type
scores
url	https://usn.ubuntu.com/2966-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-1907

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bdnh-bkx5-h3fe

url VCID-c72q-f2cy-eqgc

vulnerability_id VCID-c72q-f2cy-eqgc

summary openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10708.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10708.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10708

reference_id

reference_type

scores

value	0.0312
scoring_system	epss
scoring_elements	0.86783
published_at	2026-04-01T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86794
published_at	2026-04-02T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86813
published_at	2026-04-04T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86807
published_at	2026-04-07T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86827
published_at	2026-04-08T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86835
published_at	2026-04-09T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86848
published_at	2026-04-11T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86844
published_at	2026-04-12T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.8684
published_at	2026-04-13T12:55:00Z

value	0.0312
scoring_system	epss
scoring_elements	0.86857
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10708

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10708
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10708

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1537929
reference_id	1537929
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1537929

reference_url	https://access.redhat.com/errata/RHSA-2017:2029
reference_id	RHSA-2017:2029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2029

reference_url	https://usn.ubuntu.com/3809-1/
reference_id	USN-3809-1
reference_type
scores
url	https://usn.ubuntu.com/3809-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-10708

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c72q-f2cy-eqgc

url VCID-e3hw-afkw-f7bt

vulnerability_id VCID-e3hw-afkw-f7bt

summary

Multiple vulnerabilities have been found in OpenSSH, allowing
    attackers to leak client memory to a server, including private keys.

references

reference_url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
reference_id
reference_type
scores
url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734

reference_url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html

reference_url	http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

reference_id

reference_type

scores

value	0.02029
scoring_system	epss
scoring_elements	0.83826
published_at	2026-04-16T12:55:00Z

value	0.02029
scoring_system	epss
scoring_elements	0.83787
published_at	2026-04-09T12:55:00Z

value	0.02029
scoring_system	epss
scoring_elements	0.83803
published_at	2026-04-11T12:55:00Z

value	0.02029
scoring_system	epss
scoring_elements	0.83797
published_at	2026-04-12T12:55:00Z

value	0.02029
scoring_system	epss
scoring_elements	0.83792
published_at	2026-04-13T12:55:00Z

value	0.02029
scoring_system	epss
scoring_elements	0.83755
published_at	2026-04-04T12:55:00Z

value	0.02029
scoring_system	epss
scoring_elements	0.83757
published_at	2026-04-07T12:55:00Z

value	0.02029
scoring_system	epss
scoring_elements	0.83781
published_at	2026-04-08T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.83999
published_at	2026-04-02T12:55:00Z

value	0.02099
scoring_system	epss
scoring_elements	0.83985
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

reference_url	https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
reference_id
reference_type
scores
url	https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/

reference_url	https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
reference_id
reference_type
scores
url	https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/

reference_url	https://bto.bluecoat.com/security-advisory/sa109
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa109

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778

reference_url	http://seclists.org/fulldisclosure/2016/Jan/44
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2016/Jan/44

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

reference_url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
reference_id
reference_type
scores
url	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

reference_url	https://support.apple.com/HT206167
reference_id
reference_type
scores
url	https://support.apple.com/HT206167

reference_url	http://www.debian.org/security/2016/dsa-3446
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3446

reference_url	http://www.openssh.com/txt/release-7.1p2
reference_id
reference_type
scores
url	http://www.openssh.com/txt/release-7.1p2

reference_url	http://www.openwall.com/lists/oss-security/2016/01/14/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/14/7

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.securityfocus.com/archive/1/537295/100/0/threaded
reference_id
reference_type
scores
url	http://www.securityfocus.com/archive/1/537295/100/0/threaded

reference_url	http://www.securityfocus.com/bid/80698
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/80698

reference_url	http://www.securitytracker.com/id/1034671
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034671

reference_url	http://www.ubuntu.com/usn/USN-2869-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2869-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1298033
reference_id	1298033
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1298033

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:5.4:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:5.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:5.6:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:5.7:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:5.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:5.9:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.0:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.1:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.2:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.2:p2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.3:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.4:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.5:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.6:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.7:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.8:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:6.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:6.9:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:7.0:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1::::::
reference_id	cpe:2.3:a:openbsd:openssh:7.1:p1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:::::::*
reference_id	cpe:2.3:a:sophos:unified_threat_management_software:9.353:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system::::::::
reference_id	cpe:2.3:o:hp:virtual_customer_access_system::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
reference_id	cpe:2.3:o:oracle:linux:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_id	cpe:2.3:o:oracle:solaris:11.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-0778

reference_id

CVE-2016-0778

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:P

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-0778

reference_url	https://security.gentoo.org/glsa/201601-01
reference_id	GLSA-201601-01
reference_type
scores
url	https://security.gentoo.org/glsa/201601-01

reference_url	https://access.redhat.com/errata/RHSA-2016:0043
reference_id	RHSA-2016:0043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0043

reference_url	https://usn.ubuntu.com/2869-1/
reference_id	USN-2869-1
reference_type
scores
url	https://usn.ubuntu.com/2869-1/

fixed_packages

url pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4

purl pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-11sf-sq1n-8ybk

vulnerability	VCID-27t6-mvt2-6kcd

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-4fj8-vfgx-pyh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-aaue-a343-u7f5

vulnerability	VCID-bdnh-bkx5-h3fe

vulnerability	VCID-c72q-f2cy-eqgc

vulnerability	VCID-e3hw-afkw-f7bt

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g5qe-8p8p-3kd6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hmqc-xunp-myap

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-kbba-6c9u-tygk

vulnerability	VCID-myec-kc76-9bc1

vulnerability	VCID-qt1x-kyuf-gker

vulnerability	VCID-t1sg-4bvj-qqfk

vulnerability	VCID-u21t-acnr-dub2

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v1vq-wecd-1ud9

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vj3u-a1c3-6qe5

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-wkpy-uwex-93db

vulnerability	VCID-yrzy-er8x-c3ad

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.7p1-5%252Bdeb8u4

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-0778

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3hw-afkw-f7bt

url VCID-fczw-59xy-83c6

vulnerability_id VCID-fczw-59xy-83c6

summary openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-41617

reference_id

reference_type

scores

value	0.00274
scoring_system	epss
scoring_elements	0.50737
published_at	2026-04-01T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50835
published_at	2026-04-13T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50874
published_at	2026-04-16T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50851
published_at	2026-04-12T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50794
published_at	2026-04-02T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50819
published_at	2026-04-04T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50777
published_at	2026-04-07T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50833
published_at	2026-04-08T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50832
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-41617

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2008291
reference_id	2008291
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2008291

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130
reference_id	995130
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130

reference_url

https://security.archlinux.org/AVG-2422

reference_id

AVG-2422

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2422

reference_url	https://access.redhat.com/errata/RHSA-2021:4782
reference_id	RHSA-2021:4782
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4782

reference_url	https://access.redhat.com/errata/RHSA-2022:2013
reference_id	RHSA-2022:2013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:2013

reference_url	https://usn.ubuntu.com/5666-1/
reference_id	USN-5666-1
reference_type
scores
url	https://usn.ubuntu.com/5666-1/

reference_url	https://usn.ubuntu.com/6565-1/
reference_id	USN-6565-1
reference_type
scores
url	https://usn.ubuntu.com/6565-1/

fixed_packages

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3

aliases CVE-2021-41617

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fczw-59xy-83c6

url VCID-g5qe-8p8p-3kd6

vulnerability_id VCID-g5qe-8p8p-3kd6

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which allows remote attackers to cause Denial of Service.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2016-2588.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-2588.html

reference_url	http://rhn.redhat.com/errata/RHSA-2017-0641.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2017-0641.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8325.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8325.json

reference_url	https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
reference_id
reference_type
scores
url	https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8325

reference_id

reference_type

scores

value	0.0011
scoring_system	epss
scoring_elements	0.29386
published_at	2026-04-01T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29352
published_at	2026-04-16T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29424
published_at	2026-04-09T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29428
published_at	2026-04-11T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.2933
published_at	2026-04-13T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29454
published_at	2026-04-02T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29502
published_at	2026-04-04T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29319
published_at	2026-04-07T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29383
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8325

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:S/C:C/I:C/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html
reference_id
reference_type
scores
url	https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html

reference_url	https://security.netapp.com/advisory/ntap-20180628-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20180628-0001/

reference_url	https://security-tracker.debian.org/tracker/CVE-2015-8325
reference_id
reference_type
scores
url	https://security-tracker.debian.org/tracker/CVE-2015-8325

reference_url	http://www.debian.org/security/2016/dsa-3550
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3550

reference_url	http://www.securityfocus.com/bid/86187
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/86187

reference_url	http://www.securitytracker.com/id/1036487
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1036487

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1328012
reference_id	1328012
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1328012

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::p2::::::*
reference_id	cpe:2.3:a:openbsd:openssh::p2::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::p2::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_core:15.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_core:15.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_core:15.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_touch:15.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_touch:15.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_touch:15.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8325

reference_id

CVE-2015-8325

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8325

reference_url	https://security.gentoo.org/glsa/201612-18
reference_id	GLSA-201612-18
reference_type
scores
url	https://security.gentoo.org/glsa/201612-18

reference_url	https://access.redhat.com/errata/RHSA-2016:2588
reference_id	RHSA-2016:2588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2588

reference_url	https://access.redhat.com/errata/RHSA-2017:0641
reference_id	RHSA-2017:0641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:0641

reference_url	https://usn.ubuntu.com/2966-1/
reference_id	USN-2966-1
reference_type
scores
url	https://usn.ubuntu.com/2966-1/

fixed_packages

url pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4

purl pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-11sf-sq1n-8ybk

vulnerability	VCID-27t6-mvt2-6kcd

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-4fj8-vfgx-pyh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-aaue-a343-u7f5

vulnerability	VCID-bdnh-bkx5-h3fe

vulnerability	VCID-c72q-f2cy-eqgc

vulnerability	VCID-e3hw-afkw-f7bt

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g5qe-8p8p-3kd6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hmqc-xunp-myap

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-kbba-6c9u-tygk

vulnerability	VCID-myec-kc76-9bc1

vulnerability	VCID-qt1x-kyuf-gker

vulnerability	VCID-t1sg-4bvj-qqfk

vulnerability	VCID-u21t-acnr-dub2

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v1vq-wecd-1ud9

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vj3u-a1c3-6qe5

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-wkpy-uwex-93db

vulnerability	VCID-yrzy-er8x-c3ad

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.7p1-5%252Bdeb8u4

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2015-8325

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g5qe-8p8p-3kd6

url VCID-g8g3-ts9j-8uab

vulnerability_id VCID-g8g3-ts9j-8uab

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could allow a remote attacker to gain unauthorized access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6109.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6109.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6109

reference_id

reference_type

scores

value	0.07414
scoring_system	epss
scoring_elements	0.91703
published_at	2026-04-01T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92953
published_at	2026-04-16T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92942
published_at	2026-04-12T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92943
published_at	2026-04-13T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92924
published_at	2026-04-02T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92928
published_at	2026-04-04T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92927
published_at	2026-04-07T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92935
published_at	2026-04-08T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92939
published_at	2026-04-09T12:55:00Z

value	0.09738
scoring_system	epss
scoring_elements	0.92944
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6109

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666119
reference_id	1666119
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666119

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793412
reference_id	793412
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793412

reference_url	https://security.archlinux.org/ASA-201904-11
reference_id	ASA-201904-11
reference_type
scores
url	https://security.archlinux.org/ASA-201904-11

reference_url

reference_id

AVG-951

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json

reference_url	https://security.gentoo.org/glsa/201903-16
reference_id	GLSA-201903-16
reference_type
scores
url	https://security.gentoo.org/glsa/201903-16

reference_url	https://access.redhat.com/errata/RHSA-2019:3702
reference_id	RHSA-2019:3702
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3702

reference_url	https://usn.ubuntu.com/3885-1/
reference_id	USN-3885-1
reference_type
scores
url	https://usn.ubuntu.com/3885-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

url pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

purl pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-zncv-645p-f3gn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2

aliases CVE-2019-6109

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8g3-ts9j-8uab

url VCID-ge2m-my5w-z3eb

vulnerability_id VCID-ge2m-my5w-z3eb

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could allow a remote attacker to execute arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-28041

reference_id

reference_type

scores

value	0.0024
scoring_system	epss
scoring_elements	0.46999
published_at	2026-04-01T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47114
published_at	2026-04-16T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47051
published_at	2026-04-12T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47058
published_at	2026-04-13T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47036
published_at	2026-04-02T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47054
published_at	2026-04-04T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47002
published_at	2026-04-07T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47057
published_at	2026-04-08T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47053
published_at	2026-04-09T12:55:00Z

value	0.0024
scoring_system	epss
scoring_elements	0.47077
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-28041

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1935055
reference_id	1935055
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1935055

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940
reference_id	984940
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940

reference_url	https://security.archlinux.org/ASA-202103-6
reference_id	ASA-202103-6
reference_type
scores
url	https://security.archlinux.org/ASA-202103-6

reference_url

https://security.archlinux.org/AVG-1657

reference_id

AVG-1657

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1657

reference_url	https://security.gentoo.org/glsa/202105-35
reference_id	GLSA-202105-35
reference_type
scores
url	https://security.gentoo.org/glsa/202105-35

reference_url	https://usn.ubuntu.com/4762-1/
reference_id	USN-4762-1
reference_type
scores
url	https://usn.ubuntu.com/4762-1/

fixed_packages

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3

aliases CVE-2021-28041

risk_score 3.2

exploitability 0.5

weighted_severity 6.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2m-my5w-z3eb

url VCID-gzmm-8kvw-6qbv

vulnerability_id VCID-gzmm-8kvw-6qbv

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could allow a remote attacker to gain unauthorized access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6111

reference_id

reference_type

scores

value	0.54405
scoring_system	epss
scoring_elements	0.98025
published_at	2026-04-12T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.98021
published_at	2026-04-09T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.9802
published_at	2026-04-08T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.98016
published_at	2026-04-07T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.98014
published_at	2026-04-04T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.98032
published_at	2026-04-16T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.98012
published_at	2026-04-02T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.98026
published_at	2026-04-13T12:55:00Z

value	0.54405
scoring_system	epss
scoring_elements	0.98007
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6111

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.openwall.com/lists/oss-security/2019/04/18/1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

http://www.openwall.com/lists/oss-security/2019/04/18/1

reference_url

http://www.openwall.com/lists/oss-security/2022/08/02/1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

http://www.openwall.com/lists/oss-security/2022/08/02/1

reference_url

http://www.securityfocus.com/bid/106741

reference_id

106741

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

http://www.securityfocus.com/bid/106741

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666127
reference_id	1666127
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666127

reference_url

https://www.exploit-db.com/exploits/46193/

reference_id

46193

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://www.exploit-db.com/exploits/46193/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486
reference_id	923486
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486

reference_url	https://security.archlinux.org/ASA-201904-11
reference_id	ASA-201904-11
reference_type
scores
url	https://security.archlinux.org/ASA-201904-11

reference_url

reference_id

AVG-951

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E

reference_url

reference_id

c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E

reference_url

https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E

reference_id

c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E

reference_url

https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E

reference_id

d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E

reference_url

reference_id

dsa-4387

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E

reference_url

reference_id

e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E

reference_url

https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc

reference_id

FreeBSD-EN-19:10.scp.asc

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc

reference_url

reference_id

GLSA-201903-16

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html

reference_url

reference_id

msg00030.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html

reference_id

msg00058.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html

reference_url

https://security.netapp.com/advisory/ntap-20190213-0001/

reference_id

ntap-20190213-0001

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://security.netapp.com/advisory/ntap-20190213-0001/

reference_url

reference_id

RHSA-2019:3702

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c

reference_url

reference_id

scp.c

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1677794

reference_id

show_bug.cgi?id=1677794

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=1677794

reference_url

reference_id

USN-3885-1

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://usn.ubuntu.com/3885-2/

reference_url

reference_id

USN-3885-2

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://usn.ubuntu.com/3885-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/

reference_id

W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

url pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

purl pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-zncv-645p-f3gn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2

aliases CVE-2019-6111

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gzmm-8kvw-6qbv

url VCID-ha8v-pqwf-r3a1

vulnerability_id VCID-ha8v-pqwf-r3a1

summary Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-26465

reference_id

reference_type

scores

value	0.73605
scoring_system	epss
scoring_elements	0.98813
published_at	2026-04-16T12:55:00Z

value	0.73605
scoring_system	epss
scoring_elements	0.98804
published_at	2026-04-09T12:55:00Z

value	0.73605
scoring_system	epss
scoring_elements	0.98809
published_at	2026-04-13T12:55:00Z

value	0.73605
scoring_system	epss
scoring_elements	0.98808
published_at	2026-04-12T12:55:00Z

value	0.73605
scoring_system	epss
scoring_elements	0.98807
published_at	2026-04-11T12:55:00Z

value	0.73977
scoring_system	epss
scoring_elements	0.98815
published_at	2026-04-02T12:55:00Z

value	0.73977
scoring_system	epss
scoring_elements	0.98818
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-26465

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://seclists.org/oss-sec/2025/q1/144

reference_id

144

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://seclists.org/oss-sec/2025/q1/144

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2344780

reference_id

2344780

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2344780

reference_url

https://access.redhat.com/solutions/7109879

reference_id

7109879

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://access.redhat.com/solutions/7109879

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id	cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-26465

reference_id

CVE-2025-26465

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://access.redhat.com/security/cve/CVE-2025-26465

reference_url	https://security.gentoo.org/glsa/202502-01
reference_id	GLSA-202502-01
reference_type
scores
url	https://security.gentoo.org/glsa/202502-01

reference_url

https://access.redhat.com/errata/RHSA-2025:16823

reference_id

RHSA-2025:16823

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://access.redhat.com/errata/RHSA-2025:16823

reference_url

https://access.redhat.com/errata/RHSA-2025:3837

reference_id

RHSA-2025:3837

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://access.redhat.com/errata/RHSA-2025:3837

reference_url

https://access.redhat.com/errata/RHSA-2025:6993

reference_id

RHSA-2025:6993

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://access.redhat.com/errata/RHSA-2025:6993

reference_url

https://access.redhat.com/errata/RHSA-2025:8385

reference_id

RHSA-2025:8385

reference_type

scores

value	6.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/

url

https://access.redhat.com/errata/RHSA-2025:8385

reference_url	https://usn.ubuntu.com/7270-1/
reference_id	USN-7270-1
reference_type
scores
url	https://usn.ubuntu.com/7270-1/

reference_url	https://usn.ubuntu.com/7270-2/
reference_id	USN-7270-2
reference_type
scores
url	https://usn.ubuntu.com/7270-2/

fixed_packages

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7

aliases CVE-2025-26465

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ha8v-pqwf-r3a1

url VCID-hmqc-xunp-myap

vulnerability_id VCID-hmqc-xunp-myap

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which allows remote attackers to cause Denial of Service.

references

reference_url	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c
reference_id
reference_type
scores
url	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c

reference_url	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&f=h
reference_id
reference_type
scores
url	http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&f=h

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183101.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183101.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183122.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183122.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178838.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178838.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179924.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179924.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180491.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180491.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184264.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184264.html

reference_url	http://packetstormsecurity.com/files/136234/OpenSSH-7.2p1-xauth-Command-Injection-Bypass.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/136234/OpenSSH-7.2p1-xauth-Command-Injection-Bypass.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0465.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0465.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0466.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0466.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3115.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3115.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-3115

reference_id

reference_type

scores

value	0.43987
scoring_system	epss
scoring_elements	0.97547
published_at	2026-04-16T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97538
published_at	2026-04-12T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97539
published_at	2026-04-13T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97514
published_at	2026-04-01T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97521
published_at	2026-04-02T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97523
published_at	2026-04-04T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97525
published_at	2026-04-07T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97531
published_at	2026-04-08T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97532
published_at	2026-04-09T12:55:00Z

value	0.43987
scoring_system	epss
scoring_elements	0.97536
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-3115

reference_url	https://bto.bluecoat.com/security-advisory/sa121
reference_id
reference_type
scores
url	https://bto.bluecoat.com/security-advisory/sa121

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115

reference_url	http://seclists.org/fulldisclosure/2016/Mar/46
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2016/Mar/46

reference_url	http://seclists.org/fulldisclosure/2016/Mar/47
reference_id
reference_type
scores
url	http://seclists.org/fulldisclosure/2016/Mar/47

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115
reference_id
reference_type
scores
url	https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html

reference_url	https://www.exploit-db.com/exploits/39569/
reference_id
reference_type
scores
url	https://www.exploit-db.com/exploits/39569/

reference_url	https://www.freebsd.org/security/advisories/FreeBSD-SA-16:14.openssh.asc
reference_id
reference_type
scores
url	https://www.freebsd.org/security/advisories/FreeBSD-SA-16:14.openssh.asc

reference_url	http://www.openssh.com/txt/x11fwd.adv
reference_id
reference_type
scores
url	http://www.openssh.com/txt/x11fwd.adv

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/84314
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84314

reference_url	http://www.securitytracker.com/id/1035249
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035249

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1316829
reference_id	1316829
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1316829

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::p1::::::*
reference_id	cpe:2.3:a:openbsd:openssh::p1::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::p1::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:::::::*
reference_id	cpe:2.3:o:oracle:vm_server:3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:::::::*

reference_url	https://github.com/tintinweb/pub/tree/e8fe09e2123f07f09e3f8e34fc4e3e58fe804fd4/pocs/cve-2016-3115
reference_id	CVE-2016-3115
reference_type	exploit
scores
url	https://github.com/tintinweb/pub/tree/e8fe09e2123f07f09e3f8e34fc4e3e58fe804fd4/pocs/cve-2016-3115

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39569.py
reference_id	CVE-2016-3115
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39569.py

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-3115

reference_id

CVE-2016-3115

reference_type

scores

value	5.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:P/I:P/A:N

value	6.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2016-3115

reference_url	https://security.gentoo.org/glsa/201612-18
reference_id	GLSA-201612-18
reference_type
scores
url	https://security.gentoo.org/glsa/201612-18

reference_url	https://access.redhat.com/errata/RHSA-2016:0465
reference_id	RHSA-2016:0465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0465

reference_url	https://access.redhat.com/errata/RHSA-2016:0466
reference_id	RHSA-2016:0466
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0466

reference_url	https://usn.ubuntu.com/2966-1/
reference_id	USN-2966-1
reference_type
scores
url	https://usn.ubuntu.com/2966-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-3115

risk_score 10.0

exploitability 2.0

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hmqc-xunp-myap

url VCID-hse5-y15y-n3dw

vulnerability_id VCID-hse5-y15y-n3dw

summary openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-32728

reference_id

reference_type

scores

value	0.00274
scoring_system	epss
scoring_elements	0.50759
published_at	2026-04-02T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50835
published_at	2026-04-16T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50785
published_at	2026-04-04T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50741
published_at	2026-04-07T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50797
published_at	2026-04-13T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50794
published_at	2026-04-09T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50837
published_at	2026-04-11T12:55:00Z

value	0.00274
scoring_system	epss
scoring_elements	0.50813
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-32728

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig

reference_id

013_ssh.patch.sig

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/

url

https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig

reference_url

https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html

reference_id

041879.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/

url

https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603
reference_id	1102603
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2358767
reference_id	2358767
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2358767

reference_url

https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367

reference_id

fc86875e6acb36401dfc1dfb6b628a9d1460f367

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/

url

https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367

reference_url

https://www.openssh.com/txt/release-10.0

reference_id

release-10.0

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/

url

https://www.openssh.com/txt/release-10.0

reference_url

https://www.openssh.com/txt/release-7.4

reference_id

release-7.4

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/

url

https://www.openssh.com/txt/release-7.4

reference_url	https://access.redhat.com/errata/RHSA-2025:20126
reference_id	RHSA-2025:20126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:20126

reference_url	https://usn.ubuntu.com/7457-1/
reference_id	USN-7457-1
reference_type
scores
url	https://usn.ubuntu.com/7457-1/

fixed_packages

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7

aliases CVE-2025-32728

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hse5-y15y-n3dw

url VCID-jzn6-bzzf-nugp

vulnerability_id VCID-jzn6-bzzf-nugp

summary

Improper Validation of Integrity Check Value
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

references

reference_url

http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-48795

reference_id

reference_type

scores

value	0.5673
scoring_system	epss
scoring_elements	0.98124
published_at	2026-04-09T12:55:00Z

value	0.5673
scoring_system	epss
scoring_elements	0.98134
published_at	2026-04-16T12:55:00Z

value	0.5673
scoring_system	epss
scoring_elements	0.98129
published_at	2026-04-13T12:55:00Z

value	0.5673
scoring_system	epss
scoring_elements	0.98128
published_at	2026-04-12T12:55:00Z

value	0.5673
scoring_system	epss
scoring_elements	0.98114
published_at	2026-04-02T12:55:00Z

value	0.5673
scoring_system	epss
scoring_elements	0.98118
published_at	2026-04-04T12:55:00Z

value	0.5673
scoring_system	epss
scoring_elements	0.98119
published_at	2026-04-07T12:55:00Z

value	0.5673
scoring_system	epss
scoring_elements	0.98123
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-48795

reference_url

https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack

reference_url

https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/

reference_url

https://bugs.gentoo.org/920280

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://bugs.gentoo.org/920280

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2254210

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2254210

reference_url

https://bugzilla.suse.com/show_bug.cgi?id=1217950

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://bugzilla.suse.com/show_bug.cgi?id=1217950

reference_url

https://crates.io/crates/thrussh/versions

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://crates.io/crates/thrussh/versions

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918

reference_url

http://seclists.org/fulldisclosure/2024/Mar/21

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

http://seclists.org/fulldisclosure/2024/Mar/21

reference_url

https://filezilla-project.org/versions.php

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://filezilla-project.org/versions.php

reference_url

https://forum.netgate.com/topic/184941/terrapin-ssh-attack

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://forum.netgate.com/topic/184941/terrapin-ssh-attack

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/apache/mina-sshd/issues/445

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/apache/mina-sshd/issues/445

reference_url

https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab

reference_url

https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22

reference_url

https://github.com/cyd01/KiTTY/issues/520

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/cyd01/KiTTY/issues/520

reference_url

https://github.com/drakkan/sftpgo/releases/tag/v2.5.6

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/drakkan/sftpgo/releases/tag/v2.5.6

reference_url

https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42

reference_url

https://github.com/erlang/otp/releases/tag/OTP-26.2.1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/erlang/otp/releases/tag/OTP-26.2.1

reference_url

https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d

reference_url

https://github.com/hierynomus/sshj/issues/916

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/hierynomus/sshj/issues/916

reference_url

https://github.com/janmojzis/tinyssh/issues/81

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/janmojzis/tinyssh/issues/81

reference_url

https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5

reference_url

https://github.com/libssh2/libssh2/pull/1291

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/libssh2/libssh2/pull/1291

reference_url

https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25

reference_url

https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3

reference_url

https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15

reference_url

https://github.com/mwiede/jsch/issues/457

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/mwiede/jsch/issues/457

reference_url

https://github.com/mwiede/jsch/pull/461

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/mwiede/jsch/pull/461

reference_url

https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16

reference_url

https://github.com/NixOS/nixpkgs/pull/275249

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/NixOS/nixpkgs/pull/275249

reference_url

https://github.com/openssh/openssh-portable/commits/master

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/openssh/openssh-portable/commits/master

reference_url

https://github.com/paramiko/paramiko/issues/2337

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/paramiko/paramiko/issues/2337

reference_url

https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773

reference_url

https://github.com/PowerShell/Win32-OpenSSH/issues/2189

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/PowerShell/Win32-OpenSSH/issues/2189

reference_url

https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta

reference_url

https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES

reference_url

https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES

reference_url

https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES

reference_url

https://github.com/proftpd/proftpd/issues/456

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/proftpd/proftpd/issues/456

reference_url

https://github.com/rapier1/hpn-ssh/releases

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/rapier1/hpn-ssh/releases

reference_url

https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst

reference_url

https://github.com/ronf/asyncssh/tags

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/ronf/asyncssh/tags

reference_url

https://github.com/ssh-mitm/ssh-mitm/issues/165

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/ssh-mitm/ssh-mitm/issues/165

reference_url

https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0

reference_url

https://github.com/TeraTermProject/teraterm/releases/tag/v5.1

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/TeraTermProject/teraterm/releases/tag/v5.1

reference_url

https://github.com/warp-tech/russh

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/warp-tech/russh

reference_url

https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951

reference_url

https://github.com/warp-tech/russh/releases/tag/v0.40.2

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/warp-tech/russh/releases/tag/v0.40.2

reference_url

https://gitlab.com/libssh/libssh-mirror/-/tags

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://gitlab.com/libssh/libssh-mirror/-/tags

reference_url

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6

reference_url

https://go.dev/cl/550715

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://go.dev/cl/550715

reference_url

https://go.dev/issue/64784

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://go.dev/issue/64784

reference_url

https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ

reference_url

https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg

reference_url

https://help.panic.com/releasenotes/transmit5

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://help.panic.com/releasenotes/transmit5

reference_url

https://help.panic.com/releasenotes/transmit5/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://help.panic.com/releasenotes/transmit5/

reference_url

https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795

reference_url

https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/

reference_url

https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html

reference_url

https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html

reference_url

https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3

100

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC

101

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP

102

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG

103

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7

104

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM

105

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB

106

reference_url

https://matt.ucc.asn.au/dropbear/CHANGES

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://matt.ucc.asn.au/dropbear/CHANGES

107

reference_url

https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC

108

reference_url

https://news.ycombinator.com/item?id=38684904

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://news.ycombinator.com/item?id=38684904

109

reference_url

https://news.ycombinator.com/item?id=38685286

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://news.ycombinator.com/item?id=38685286

110

reference_url

https://news.ycombinator.com/item?id=38732005

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://news.ycombinator.com/item?id=38732005

111

reference_url

https://nova.app/releases/#v11.8

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://nova.app/releases/#v11.8

112

reference_url

https://oryx-embedded.com/download/#changelog

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://oryx-embedded.com/download/#changelog

113

reference_url

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002

114

reference_url

https://roumenpetrov.info/secsh/#news20231220

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://roumenpetrov.info/secsh/#news20231220

115

reference_url

https://security.gentoo.org/glsa/202312-16

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://security.gentoo.org/glsa/202312-16

116

reference_url

https://security.gentoo.org/glsa/202312-17

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://security.gentoo.org/glsa/202312-17

117

reference_url

https://security.netapp.com/advisory/ntap-20240105-0004

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240105-0004

118

reference_url

https://security-tracker.debian.org/tracker/source-package/libssh2

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://security-tracker.debian.org/tracker/source-package/libssh2

119

reference_url

https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg

120

reference_url

https://security-tracker.debian.org/tracker/source-package/trilead-ssh2

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://security-tracker.debian.org/tracker/source-package/trilead-ssh2

121

reference_url

https://support.apple.com/kb/HT214084

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://support.apple.com/kb/HT214084

122

reference_url

https://twitter.com/TrueSkrillor/status/1736774389725565005

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://twitter.com/TrueSkrillor/status/1736774389725565005

123

reference_url

https://winscp.net/eng/docs/history#6.2.2

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://winscp.net/eng/docs/history#6.2.2

124

reference_url

https://www.bitvise.com/ssh-client-version-history#933

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.bitvise.com/ssh-client-version-history#933

125

reference_url

https://www.bitvise.com/ssh-server-version-history

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.bitvise.com/ssh-server-version-history

126

reference_url

https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html

127

reference_url

https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update

128

reference_url

https://www.debian.org/security/2023/dsa-5586

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.debian.org/security/2023/dsa-5586

129

reference_url

https://www.debian.org/security/2023/dsa-5588

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.debian.org/security/2023/dsa-5588

130

reference_url

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc

131

reference_url

https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508

132

reference_url

https://www.netsarang.com/en/xshell-update-history

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.netsarang.com/en/xshell-update-history

133

reference_url

https://www.netsarang.com/en/xshell-update-history/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.netsarang.com/en/xshell-update-history/

134

reference_url

https://www.openssh.com/openbsd.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.openssh.com/openbsd.html

135

reference_url

https://www.openssh.com/txt/release-9.6

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.openssh.com/txt/release-9.6

136

reference_url

https://www.openwall.com/lists/oss-security/2023/12/18/2

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.openwall.com/lists/oss-security/2023/12/18/2

137

reference_url

https://www.openwall.com/lists/oss-security/2023/12/20/3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.openwall.com/lists/oss-security/2023/12/20/3

138

reference_url

https://www.paramiko.org/changelog.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.paramiko.org/changelog.html

139

reference_url

https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed

140

reference_url

https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/

141

reference_url

https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795

142

reference_url

https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/

143

reference_url

https://www.terrapin-attack.com

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.terrapin-attack.com

144

reference_url

https://www.theregister.com/2023/12/20/terrapin_attack_ssh

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.theregister.com/2023/12/20/terrapin_attack_ssh

145

reference_url

https://www.vandyke.com/products/securecrt/history.txt

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://www.vandyke.com/products/securecrt/history.txt

146

reference_url

http://www.openwall.com/lists/oss-security/2023/12/18/3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

http://www.openwall.com/lists/oss-security/2023/12/18/3

147

reference_url

http://www.openwall.com/lists/oss-security/2023/12/19/5

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

http://www.openwall.com/lists/oss-security/2023/12/19/5

148

reference_url

http://www.openwall.com/lists/oss-security/2023/12/20/3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

http://www.openwall.com/lists/oss-security/2023/12/20/3

149

reference_url

http://www.openwall.com/lists/oss-security/2024/03/06/3

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

http://www.openwall.com/lists/oss-security/2024/03/06/3

150

reference_url

http://www.openwall.com/lists/oss-security/2024/04/17/8

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

http://www.openwall.com/lists/oss-security/2024/04/17/8

151

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001
reference_id	1059001
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001

152

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002
reference_id	1059002
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002

153

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003
reference_id	1059003
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003

154

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004
reference_id	1059004
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004

155

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005
reference_id	1059005
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005

156

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006
reference_id	1059006
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006

157

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007
reference_id	1059007
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007

158

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058
reference_id	1059058
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058

159

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144
reference_id	1059144
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144

160

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290
reference_id	1059290
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290

161

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294
reference_id	1059294
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294

162

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/

reference_id

33XHJUB6ROFUOH2OQNENFROTVH6MHSHA

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/

163

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/

reference_id

3CAYYW35MUTNO65RVAELICTNZZFMT2XS

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/

164

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/

reference_id

3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/

165

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/

reference_id

6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/

166

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/

reference_id

BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/

167

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/

reference_id

C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/

168

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/

reference_id

CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/

169

reference_url

https://access.redhat.com/security/cve/cve-2023-48795

reference_id

CVE-2023-48795

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://access.redhat.com/security/cve/cve-2023-48795

170

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-48795

reference_id

CVE-2023-48795

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-48795

171

reference_url

https://security-tracker.debian.org/tracker/CVE-2023-48795

reference_id

CVE-2023-48795

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://security-tracker.debian.org/tracker/CVE-2023-48795

172

reference_url

https://ubuntu.com/security/CVE-2023-48795

reference_id

CVE-2023-48795

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://ubuntu.com/security/CVE-2023-48795

173

reference_url

https://thorntech.com/cve-2023-48795-and-sftp-gateway

reference_id

CVE-2023-48795-AND-SFTP-GATEWAY

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://thorntech.com/cve-2023-48795-and-sftp-gateway

174

reference_url

https://thorntech.com/cve-2023-48795-and-sftp-gateway/

reference_id

CVE-2023-48795-AND-SFTP-GATEWAY

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://thorntech.com/cve-2023-48795-and-sftp-gateway/

175

reference_url

https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit

reference_id

CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit

176

reference_url

https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability

reference_id

CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability

177

reference_url

https://github.com/advisories/GHSA-45x7-px36-x8w8

reference_id

GHSA-45x7-px36-x8w8

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://github.com/advisories/GHSA-45x7-px36-x8w8

178

reference_url

https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8

reference_id

GHSA-45x7-px36-x8w8

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8

179

reference_url	https://security.gentoo.org/glsa/202407-11
reference_id	GLSA-202407-11
reference_type
scores
url	https://security.gentoo.org/glsa/202407-11

180

reference_url	https://security.gentoo.org/glsa/202407-12
reference_id	GLSA-202407-12
reference_type
scores
url	https://security.gentoo.org/glsa/202407-12

181

reference_url	https://security.gentoo.org/glsa/202509-06
reference_id	GLSA-202509-06
reference_type
scores
url	https://security.gentoo.org/glsa/202509-06

182

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/

reference_id

HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/

183

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/

reference_id

I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/

184

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/

reference_id

KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/

185

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/

reference_id

L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/

186

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/

reference_id

LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/

187

reference_url

https://security.netapp.com/advisory/ntap-20240105-0004/

reference_id

ntap-20240105-0004

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/

url

https://security.netapp.com/advisory/ntap-20240105-0004/

188

reference_url	https://access.redhat.com/errata/RHSA-2023:7197
reference_id	RHSA-2023:7197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7197

189

reference_url	https://access.redhat.com/errata/RHSA-2023:7198
reference_id	RHSA-2023:7198
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7198

190

reference_url	https://access.redhat.com/errata/RHSA-2023:7201
reference_id	RHSA-2023:7201
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:7201

191

reference_url	https://access.redhat.com/errata/RHSA-2024:0040
reference_id	RHSA-2024:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0040

192

reference_url	https://access.redhat.com/errata/RHSA-2024:0429
reference_id	RHSA-2024:0429
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0429

193

reference_url	https://access.redhat.com/errata/RHSA-2024:0455
reference_id	RHSA-2024:0455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0455

194

reference_url	https://access.redhat.com/errata/RHSA-2024:0499
reference_id	RHSA-2024:0499
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0499

195

reference_url	https://access.redhat.com/errata/RHSA-2024:0538
reference_id	RHSA-2024:0538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0538

196

reference_url	https://access.redhat.com/errata/RHSA-2024:0594
reference_id	RHSA-2024:0594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0594

197

reference_url	https://access.redhat.com/errata/RHSA-2024:0606
reference_id	RHSA-2024:0606
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0606

198

reference_url	https://access.redhat.com/errata/RHSA-2024:0625
reference_id	RHSA-2024:0625
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0625

199

reference_url	https://access.redhat.com/errata/RHSA-2024:0628
reference_id	RHSA-2024:0628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0628

200

reference_url	https://access.redhat.com/errata/RHSA-2024:0766
reference_id	RHSA-2024:0766
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0766

201

reference_url	https://access.redhat.com/errata/RHSA-2024:0789
reference_id	RHSA-2024:0789
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0789

202

reference_url	https://access.redhat.com/errata/RHSA-2024:0843
reference_id	RHSA-2024:0843
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0843

203

reference_url	https://access.redhat.com/errata/RHSA-2024:0880
reference_id	RHSA-2024:0880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0880

204

reference_url	https://access.redhat.com/errata/RHSA-2024:0954
reference_id	RHSA-2024:0954
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0954

205

reference_url	https://access.redhat.com/errata/RHSA-2024:1130
reference_id	RHSA-2024:1130
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1130

206

reference_url	https://access.redhat.com/errata/RHSA-2024:1150
reference_id	RHSA-2024:1150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1150

207

reference_url	https://access.redhat.com/errata/RHSA-2024:1192
reference_id	RHSA-2024:1192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1192

208

reference_url	https://access.redhat.com/errata/RHSA-2024:1193
reference_id	RHSA-2024:1193
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1193

209

reference_url	https://access.redhat.com/errata/RHSA-2024:1196
reference_id	RHSA-2024:1196
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1196

210

reference_url	https://access.redhat.com/errata/RHSA-2024:1197
reference_id	RHSA-2024:1197
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1197

211

reference_url	https://access.redhat.com/errata/RHSA-2024:1210
reference_id	RHSA-2024:1210
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1210

212

reference_url	https://access.redhat.com/errata/RHSA-2024:1383
reference_id	RHSA-2024:1383
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1383

213

reference_url	https://access.redhat.com/errata/RHSA-2024:1557
reference_id	RHSA-2024:1557
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1557

214

reference_url	https://access.redhat.com/errata/RHSA-2024:1859
reference_id	RHSA-2024:1859
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1859

215

reference_url	https://access.redhat.com/errata/RHSA-2024:2728
reference_id	RHSA-2024:2728
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2728

216

reference_url	https://access.redhat.com/errata/RHSA-2024:2735
reference_id	RHSA-2024:2735
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2735

217

reference_url	https://access.redhat.com/errata/RHSA-2024:2768
reference_id	RHSA-2024:2768
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2768

218

reference_url	https://access.redhat.com/errata/RHSA-2024:2988
reference_id	RHSA-2024:2988
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2988

219

reference_url	https://access.redhat.com/errata/RHSA-2024:3479
reference_id	RHSA-2024:3479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3479

220

reference_url	https://access.redhat.com/errata/RHSA-2024:3634
reference_id	RHSA-2024:3634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3634

221

reference_url	https://access.redhat.com/errata/RHSA-2024:3635
reference_id	RHSA-2024:3635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3635

222

reference_url	https://access.redhat.com/errata/RHSA-2024:3636
reference_id	RHSA-2024:3636
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3636

223

reference_url	https://access.redhat.com/errata/RHSA-2024:3918
reference_id	RHSA-2024:3918
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3918

224

reference_url	https://access.redhat.com/errata/RHSA-2024:4010
reference_id	RHSA-2024:4010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4010

225

reference_url	https://access.redhat.com/errata/RHSA-2024:4151
reference_id	RHSA-2024:4151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4151

226

reference_url	https://access.redhat.com/errata/RHSA-2024:4329
reference_id	RHSA-2024:4329
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4329

227

reference_url	https://access.redhat.com/errata/RHSA-2024:4479
reference_id	RHSA-2024:4479
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4479

228

reference_url	https://access.redhat.com/errata/RHSA-2024:4484
reference_id	RHSA-2024:4484
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4484

229

reference_url	https://access.redhat.com/errata/RHSA-2024:4597
reference_id	RHSA-2024:4597
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4597

230

reference_url	https://access.redhat.com/errata/RHSA-2024:4662
reference_id	RHSA-2024:4662
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4662

231

reference_url	https://access.redhat.com/errata/RHSA-2024:4955
reference_id	RHSA-2024:4955
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4955

232

reference_url	https://access.redhat.com/errata/RHSA-2024:4959
reference_id	RHSA-2024:4959
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4959

233

reference_url	https://access.redhat.com/errata/RHSA-2024:5200
reference_id	RHSA-2024:5200
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5200

234

reference_url	https://access.redhat.com/errata/RHSA-2024:5432
reference_id	RHSA-2024:5432
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5432

235

reference_url	https://access.redhat.com/errata/RHSA-2024:5433
reference_id	RHSA-2024:5433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5433

236

reference_url	https://access.redhat.com/errata/RHSA-2024:5438
reference_id	RHSA-2024:5438
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5438

237

reference_url	https://access.redhat.com/errata/RHSA-2024:8235
reference_id	RHSA-2024:8235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8235

238

reference_url	https://access.redhat.com/errata/RHSA-2025:4664
reference_id	RHSA-2025:4664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4664

239

reference_url	https://usn.ubuntu.com/6560-1/
reference_id	USN-6560-1
reference_type
scores
url	https://usn.ubuntu.com/6560-1/

240

reference_url	https://usn.ubuntu.com/6560-2/
reference_id	USN-6560-2
reference_type
scores
url	https://usn.ubuntu.com/6560-2/

241

reference_url	https://usn.ubuntu.com/6561-1/
reference_id	USN-6561-1
reference_type
scores
url	https://usn.ubuntu.com/6561-1/

242

reference_url	https://usn.ubuntu.com/6585-1/
reference_id	USN-6585-1
reference_type
scores
url	https://usn.ubuntu.com/6585-1/

243

reference_url	https://usn.ubuntu.com/6589-1/
reference_id	USN-6589-1
reference_type
scores
url	https://usn.ubuntu.com/6589-1/

244

reference_url	https://usn.ubuntu.com/6598-1/
reference_id	USN-6598-1
reference_type
scores
url	https://usn.ubuntu.com/6598-1/

245

reference_url	https://usn.ubuntu.com/6738-1/
reference_id	USN-6738-1
reference_type
scores
url	https://usn.ubuntu.com/6738-1/

246

reference_url	https://usn.ubuntu.com/7051-1/
reference_id	USN-7051-1
reference_type
scores
url	https://usn.ubuntu.com/7051-1/

247

reference_url	https://usn.ubuntu.com/7292-1/
reference_id	USN-7292-1
reference_type
scores
url	https://usn.ubuntu.com/7292-1/

248

reference_url	https://usn.ubuntu.com/7297-1/
reference_id	USN-7297-1
reference_type
scores
url	https://usn.ubuntu.com/7297-1/

fixed_packages

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3

aliases CVE-2023-48795, GHSA-45x7-px36-x8w8

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzn6-bzzf-nugp

url VCID-kbba-6c9u-tygk

vulnerability_id VCID-kbba-6c9u-tygk

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5352.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5352.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-5352

reference_id

reference_type

scores

value	0.0539
scoring_system	epss
scoring_elements	0.90079
published_at	2026-04-01T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90081
published_at	2026-04-02T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90093
published_at	2026-04-04T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90097
published_at	2026-04-07T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90113
published_at	2026-04-08T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90119
published_at	2026-04-09T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90128
published_at	2026-04-11T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90127
published_at	2026-04-12T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90121
published_at	2026-04-13T12:55:00Z

value	0.0539
scoring_system	epss
scoring_elements	0.90138
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1238231
reference_id	1238231
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1238231

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790798
reference_id	790798
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790798

reference_url	https://security.gentoo.org/glsa/201512-04
reference_id	GLSA-201512-04
reference_type
scores
url	https://security.gentoo.org/glsa/201512-04

reference_url	https://access.redhat.com/errata/RHSA-2016:0741
reference_id	RHSA-2016:0741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0741

reference_url	https://usn.ubuntu.com/2710-1/
reference_id	USN-2710-1
reference_type
scores
url	https://usn.ubuntu.com/2710-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2015-5352

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kbba-6c9u-tygk

url VCID-myec-kc76-9bc1

vulnerability_id VCID-myec-kc76-9bc1

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which allows remote attackers to cause Denial of Service.

references

reference_url	http://openwall.com/lists/oss-security/2016/01/15/13
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2016/01/15/13

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0465.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0465.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-0741.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-0741.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1908.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1908.json

reference_url	https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
reference_id
reference_type
scores
url	https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1908

reference_id

reference_type

scores

value	0.02179
scoring_system	epss
scoring_elements	0.84369
published_at	2026-04-16T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84351
published_at	2026-04-12T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84347
published_at	2026-04-13T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.8428
published_at	2026-04-01T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84292
published_at	2026-04-02T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84312
published_at	2026-04-04T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84314
published_at	2026-04-07T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84335
published_at	2026-04-08T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84341
published_at	2026-04-09T12:55:00Z

value	0.02179
scoring_system	epss
scoring_elements	0.84359
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1908

reference_url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id
reference_type
scores
url	https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1908
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1908

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.9
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html

reference_url	http://www.openssh.com/txt/release-7.2
reference_id
reference_type
scores
url	http://www.openssh.com/txt/release-7.2

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

reference_url	http://www.securityfocus.com/bid/84427
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/84427

reference_url	http://www.securitytracker.com/id/1034705
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1034705

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1298741
reference_id	1298741
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1298741

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::::::::
reference_id	cpe:2.3:a:openbsd:openssh::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-::::::
reference_id	cpe:2.3:o:oracle:linux:6:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::
reference_id	cpe:2.3:o:oracle:linux:7:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2016-1908

reference_id

CVE-2016-1908

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2016-1908

reference_url	https://security.gentoo.org/glsa/201612-18
reference_id	GLSA-201612-18
reference_type
scores
url	https://security.gentoo.org/glsa/201612-18

reference_url	https://access.redhat.com/errata/RHSA-2016:0465
reference_id	RHSA-2016:0465
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0465

reference_url	https://access.redhat.com/errata/RHSA-2016:0741
reference_id	RHSA-2016:0741
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0741

reference_url	https://usn.ubuntu.com/2966-1/
reference_id	USN-2966-1
reference_type
scores
url	https://usn.ubuntu.com/2966-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-1908

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-myec-kc76-9bc1

url VCID-qt1x-kyuf-gker

vulnerability_id VCID-qt1x-kyuf-gker

summary openssh: Leak of host private key material to privilege-separated child process via realloc()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json

reference_id

reference_type

scores

value	2.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10011

reference_id

reference_type

scores

value	0.00017
scoring_system	epss
scoring_elements	0.03889
published_at	2026-04-01T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03879
published_at	2026-04-16T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03929
published_at	2026-04-12T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03899
published_at	2026-04-13T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03928
published_at	2026-04-02T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03937
published_at	2026-04-04T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03948
published_at	2026-04-07T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03954
published_at	2026-04-08T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03978
published_at	2026-04-09T12:55:00Z

value	0.00017
scoring_system	epss
scoring_elements	0.03946
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	1
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:S/C:P/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1406286
reference_id	1406286
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1406286

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716
reference_id	848716
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716

reference_url	https://security.archlinux.org/ASA-201612-20
reference_id	ASA-201612-20
reference_type
scores
url	https://security.archlinux.org/ASA-201612-20

reference_url

reference_id

AVG-110

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5600

reference_url	https://access.redhat.com/errata/RHSA-2017:2029
reference_id	RHSA-2017:2029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2029

reference_url	https://usn.ubuntu.com/3538-1/
reference_id	USN-3538-1
reference_type
scores
url	https://usn.ubuntu.com/3538-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-10011

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qt1x-kyuf-gker

url VCID-t1sg-4bvj-qqfk

vulnerability_id VCID-t1sg-4bvj-qqfk

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5600.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5600.json

reference_url

reference_id

reference_type

scores

value	0.70907
scoring_system	epss
scoring_elements	0.9869
published_at	2026-04-01T12:55:00Z

value	0.70907
scoring_system	epss
scoring_elements	0.98691
published_at	2026-04-02T12:55:00Z

value	0.70907
scoring_system	epss
scoring_elements	0.98694
published_at	2026-04-04T12:55:00Z

value	0.70907
scoring_system	epss
scoring_elements	0.98697
published_at	2026-04-07T12:55:00Z

value	0.70907
scoring_system	epss
scoring_elements	0.98698
published_at	2026-04-08T12:55:00Z

value	0.73594
scoring_system	epss
scoring_elements	0.98803
published_at	2026-04-09T12:55:00Z

value	0.73594
scoring_system	epss
scoring_elements	0.98806
published_at	2026-04-11T12:55:00Z

value	0.73594
scoring_system	epss
scoring_elements	0.98807
published_at	2026-04-12T12:55:00Z

value	0.73594
scoring_system	epss
scoring_elements	0.98808
published_at	2026-04-13T12:55:00Z

value	0.73594
scoring_system	epss
scoring_elements	0.98812
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-5600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1245969
reference_id	1245969
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1245969

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793616
reference_id	793616
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793616

reference_url	https://security.gentoo.org/glsa/201512-04
reference_id	GLSA-201512-04
reference_type
scores
url	https://security.gentoo.org/glsa/201512-04

reference_url	https://access.redhat.com/errata/RHSA-2015:2088
reference_id	RHSA-2015:2088
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2088

reference_url	https://access.redhat.com/errata/RHSA-2016:0466
reference_id	RHSA-2016:0466
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:0466

reference_url	https://usn.ubuntu.com/2710-1/
reference_id	USN-2710-1
reference_type
scores
url	https://usn.ubuntu.com/2710-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2015-5600

risk_score 0.3

exploitability 0.5

weighted_severity 0.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t1sg-4bvj-qqfk

url VCID-u21t-acnr-dub2

vulnerability_id VCID-u21t-acnr-dub2

summary openssh: Bounds check can be evaded in the shared memory manager used by pre-authentication compression support

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json

reference_id

reference_type

scores

value	4.2
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10012

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05689
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05742
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05768
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05746
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05738
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05733
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05702
published_at	2026-04-07T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05871
published_at	2026-04-02T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05904
published_at	2026-04-04T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05837
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1406293
reference_id	1406293
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1406293

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717
reference_id	848717
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717

reference_url	https://security.archlinux.org/ASA-201612-20
reference_id	ASA-201612-20
reference_type
scores
url	https://security.archlinux.org/ASA-201612-20

reference_url

reference_id

AVG-110

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json

reference_url	https://access.redhat.com/errata/RHSA-2017:2029
reference_id	RHSA-2017:2029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2029

reference_url	https://usn.ubuntu.com/3538-1/
reference_id	USN-3538-1
reference_type
scores
url	https://usn.ubuntu.com/3538-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-10012

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u21t-acnr-dub2

url VCID-ubjj-qb2c-n3d4

vulnerability_id VCID-ubjj-qb2c-n3d4

summary

An integer overflow in OpenSSH might allow an attacker to execute
    arbitrary code.

references

reference_url

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16905

reference_id

reference_type

scores

value	0.00271
scoring_system	epss
scoring_elements	0.5048
published_at	2026-04-01T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50537
published_at	2026-04-02T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50564
published_at	2026-04-04T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50518
published_at	2026-04-07T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50573
published_at	2026-04-08T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50569
published_at	2026-04-09T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50612
published_at	2026-04-11T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50588
published_at	2026-04-12T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50574
published_at	2026-04-13T12:55:00Z

value	0.00271
scoring_system	epss
scoring_elements	0.50616
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16905

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1767966
reference_id	1767966
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1767966

reference_url	https://security.gentoo.org/glsa/201911-01
reference_id	GLSA-201911-01
reference_type
scores
url	https://security.gentoo.org/glsa/201911-01

fixed_packages

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3

aliases CVE-2019-16905

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ubjj-qb2c-n3d4

url VCID-v1vq-wecd-1ud9

vulnerability_id VCID-v1vq-wecd-1ud9

summary openssh: loading of untrusted PKCS#11 modules in ssh-agent

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-10009

reference_id

reference_type

scores

value	0.01579
scoring_system	epss
scoring_elements	0.815
published_at	2026-04-01T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81602
published_at	2026-04-16T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81572
published_at	2026-04-12T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81565
published_at	2026-04-13T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81511
published_at	2026-04-02T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81533
published_at	2026-04-04T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81531
published_at	2026-04-07T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81559
published_at	2026-04-08T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81564
published_at	2026-04-09T12:55:00Z

value	0.01579
scoring_system	epss
scoring_elements	0.81584
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-10009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:S/C:P/I:P/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1406269
reference_id	1406269
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1406269

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714
reference_id	848714
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714

reference_url	https://security.archlinux.org/ASA-201612-20
reference_id	ASA-201612-20
reference_type
scores
url	https://security.archlinux.org/ASA-201612-20

reference_url

reference_id

AVG-110

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15906.json

reference_url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1009
reference_id	CVE-2016-10009
reference_type	exploit
scores
url	https://bugs.chromium.org/p/project-zero/issues/detail?id=1009

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt
reference_id	CVE-2016-10009
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt

reference_url	https://access.redhat.com/errata/RHSA-2017:2029
reference_id	RHSA-2017:2029
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2029

reference_url	https://usn.ubuntu.com/3538-1/
reference_id	USN-3538-1
reference_type
scores
url	https://usn.ubuntu.com/3538-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-10009

risk_score 10.0

exploitability 2.0

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1vq-wecd-1ud9

url VCID-v27n-4vt2-rffw

vulnerability_id VCID-v27n-4vt2-rffw

summary

A flaw has been discovered in OpenSSH which could allow a remote
    attacker to create zero-length files.

references

reference_url

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15906.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15906

reference_id

reference_type

scores

value	0.02659
scoring_system	epss
scoring_elements	0.8571
published_at	2026-04-01T12:55:00Z

value	0.02659
scoring_system	epss
scoring_elements	0.85747
published_at	2026-04-07T12:55:00Z

value	0.02659
scoring_system	epss
scoring_elements	0.85723
published_at	2026-04-02T12:55:00Z

value	0.02659
scoring_system	epss
scoring_elements	0.85741
published_at	2026-04-04T12:55:00Z

value	0.02659
scoring_system	epss
scoring_elements	0.85766
published_at	2026-04-08T12:55:00Z

value	0.03174
scoring_system	epss
scoring_elements	0.86961
published_at	2026-04-11T12:55:00Z

value	0.03174
scoring_system	epss
scoring_elements	0.86965
published_at	2026-04-16T12:55:00Z

value	0.03174
scoring_system	epss
scoring_elements	0.86947
published_at	2026-04-09T12:55:00Z

value	0.03174
scoring_system	epss
scoring_elements	0.86956
published_at	2026-04-12T12:55:00Z

value	0.03174
scoring_system	epss
scoring_elements	0.8695
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15906

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15906
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15906

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:P/A:N

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1506630
reference_id	1506630
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1506630

reference_url	https://security.gentoo.org/glsa/201801-05
reference_id	GLSA-201801-05
reference_type
scores
url	https://security.gentoo.org/glsa/201801-05

reference_url	https://access.redhat.com/errata/RHSA-2018:0980
reference_id	RHSA-2018:0980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0980

reference_url	https://usn.ubuntu.com/3538-1/
reference_id	USN-3538-1
reference_type
scores
url	https://usn.ubuntu.com/3538-1/

fixed_packages

url pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

purl pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-zncv-645p-f3gn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2

aliases CVE-2017-15906

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v27n-4vt2-rffw

url VCID-vj3u-a1c3-6qe5

vulnerability_id VCID-vj3u-a1c3-6qe5

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which allows remote attackers to cause Denial of Service.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8858.json

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8858.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-8858

reference_id

reference_type

scores

value	0.27135
scoring_system	epss
scoring_elements	0.96347
published_at	2026-04-01T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96355
published_at	2026-04-02T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96359
published_at	2026-04-04T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96363
published_at	2026-04-07T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96371
published_at	2026-04-08T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96375
published_at	2026-04-09T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96379
published_at	2026-04-12T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96382
published_at	2026-04-13T12:55:00Z

value	0.27135
scoring_system	epss
scoring_elements	0.96389
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-8858

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8858
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8858

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1384860
reference_id	1384860
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1384860

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841884
reference_id	841884
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841884

reference_url	https://security.gentoo.org/glsa/201612-18
reference_id	GLSA-201612-18
reference_type
scores
url	https://security.gentoo.org/glsa/201612-18

fixed_packages

url pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

purl pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3mzh-y1ek-cqh9

vulnerability	VCID-87uy-3q5r-r3b7

vulnerability	VCID-a7kr-mfau-bufd

vulnerability	VCID-fczw-59xy-83c6

vulnerability	VCID-g8g3-ts9j-8uab

vulnerability	VCID-ge2m-my5w-z3eb

vulnerability	VCID-gzmm-8kvw-6qbv

vulnerability	VCID-ha8v-pqwf-r3a1

vulnerability	VCID-hse5-y15y-n3dw

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-ubjj-qb2c-n3d4

vulnerability	VCID-v27n-4vt2-rffw

vulnerability	VCID-vrgz-eguk-k3dy

vulnerability	VCID-zncv-645p-f3gn

vulnerability	VCID-zxw6-2um9-23e7

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7

aliases CVE-2016-8858

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vj3u-a1c3-6qe5

url VCID-vrgz-eguk-k3dy

vulnerability_id VCID-vrgz-eguk-k3dy

summary

Multiple vulnerabilities have been found in Dropbear, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20685.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20685.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20685

reference_id

reference_type

scores

value	0.03377
scoring_system	epss
scoring_elements	0.87396
published_at	2026-04-16T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.87327
published_at	2026-04-01T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.87336
published_at	2026-04-02T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.87352
published_at	2026-04-07T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.87371
published_at	2026-04-08T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.87378
published_at	2026-04-09T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.8739
published_at	2026-04-11T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.87385
published_at	2026-04-12T12:55:00Z

value	0.03377
scoring_system	epss
scoring_elements	0.87381
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

http://www.securityfocus.com/bid/106531

reference_id

106531

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

http://www.securityfocus.com/bid/106531

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1665785
reference_id	1665785
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1665785

reference_url

https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2

reference_id

6010c0303a422a9c5fa8860c061bf7105eb7f8b2

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919101
reference_id	919101
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919101

reference_url	https://security.archlinux.org/ASA-201904-11
reference_id	ASA-201904-11
reference_type
scores
url	https://security.archlinux.org/ASA-201904-11

reference_url

reference_id

AVG-951

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

reference_url

reference_id

dsa-4387

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

reference_url

reference_id

GLSA-201903-16

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

https://security.gentoo.org/glsa/202007-53

reference_url

reference_id

GLSA-202007-53

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

https://security.gentoo.org/glsa/202007-53

reference_url

https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html

reference_id

msg00030.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html

reference_url

https://security.netapp.com/advisory/ntap-20190215-0001/

reference_id

ntap-20190215-0001

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

https://security.netapp.com/advisory/ntap-20190215-0001/

reference_url

reference_id

RHSA-2019:3702

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h

reference_url

reference_id

scp.c.diff?r1=1.197&r2=1.198&f=h

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url

https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h

reference_url

reference_id

USN-3885-1

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/

url