Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1036403?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1036403?format=api", "purl": "pkg:deb/debian/dropbear@0.52-5%2Bsqueeze1", "type": "deb", "namespace": "debian", "name": "dropbear", "version": "0.52-5+squeeze1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2022.83-1+deb12u3", "latest_non_vulnerable_version": "2022.83-1+deb12u3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57246?format=api", "vulnerability_id": "VCID-6ucx-wdc2-tuad", "summary": "Multiple vulnerabilities have been found in Dropbear, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96165", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96173", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.9618", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96183", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96193", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96196", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.962", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96202", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96211", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25332", "scoring_system": "epss", "scoring_elements": "0.96215", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7406" }, { "reference_url": "https://security.gentoo.org/glsa/201702-23", "reference_id": "GLSA-201702-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-23" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049231?format=api", "purl": "pkg:deb/debian/dropbear@2016.74-5%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2016.74-5%252Bdeb9u1" } ], "aliases": [ "CVE-2016-7406" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6ucx-wdc2-tuad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85748?format=api", "vulnerability_id": "VCID-8apc-5c8s-k3ar", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9079", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24185", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24314", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24348", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24133", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24199", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24242", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24257", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24215", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24173", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2416", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24137", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9079" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9078", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9078" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9079" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862970", "reference_id": "862970", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862970" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036406?format=api", "purl": "pkg:deb/debian/dropbear@2014.65-1%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6ucx-wdc2-tuad" }, { "vulnerability": "VCID-8apc-5c8s-k3ar" }, { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-a8c1-84ye-73en" }, { "vulnerability": "VCID-d3s7-uqk1-47bq" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-qftg-znh3-5kep" }, { "vulnerability": "VCID-s1dw-5sgq-j3bm" }, { "vulnerability": "VCID-xqe7-wtdn-hugk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2014.65-1%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049231?format=api", "purl": "pkg:deb/debian/dropbear@2016.74-5%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2016.74-5%252Bdeb9u1" } ], "aliases": [ "CVE-2017-9079" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8apc-5c8s-k3ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94825?format=api", "vulnerability_id": "VCID-9pmf-w3x7-5ugr", "summary": "An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods in the client-side SSH code, it is possible for an SSH server to change the login process in its favor. This attack can bypass additional security measures such as FIDO2 tokens or SSH-Askpass. Thus, it allows an attacker to abuse a forwarded agent for logging on to another server unnoticed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34091", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34455", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34839", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34841", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34879", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34795", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34802", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36369" }, { "reference_url": "https://github.com/mkj/dropbear/pull/128", "reference_id": "128", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T18:45:18Z/" } ], "url": "https://github.com/mkj/dropbear/pull/128" }, { "reference_url": "https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2022.82", "reference_id": "DROPBEAR_2022.82", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T18:45:18Z/" } ], "url": "https://github.com/mkj/dropbear/releases/tag/DROPBEAR_2022.82" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T18:45:18Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00015.html" }, { "reference_url": "https://github.com/mkj/dropbear/releases", "reference_id": "releases", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-15T18:45:18Z/" } ], "url": "https://github.com/mkj/dropbear/releases" }, { "reference_url": "https://usn.ubuntu.com/7292-1/", "reference_id": "USN-7292-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7292-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049233?format=api", "purl": "pkg:deb/debian/dropbear@2020.81-3%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9vje-sxgj-9udj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2020.81-3%252Bdeb11u2" } ], "aliases": [ "CVE-2021-36369" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9pmf-w3x7-5ugr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96715?format=api", "vulnerability_id": "VCID-9vje-sxgj-9udj", "summary": "dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname argument, because a shell is used.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47203", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41367", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.4144", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41474", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41442", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41427", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.4147", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41441", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41395", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41445", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41453", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-47203" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47203", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47203" }, { "reference_url": "https://security.archlinux.org/ASA-202505-9", "reference_id": "ASA-202505-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202505-9" }, { "reference_url": "https://security.archlinux.org/AVG-2874", "reference_id": "AVG-2874", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2874" }, { "reference_url": "https://github.com/mkj/dropbear/blob/master/CHANGES", "reference_id": "CHANGES", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:22:58Z/" } ], "url": "https://github.com/mkj/dropbear/blob/master/CHANGES" }, { "reference_url": "https://github.com/mkj/dropbear/blob/master/src/cli-main.c", "reference_id": "cli-main.c", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-07T20:22:58Z/" } ], "url": "https://github.com/mkj/dropbear/blob/master/src/cli-main.c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049234?format=api", "purl": "pkg:deb/debian/dropbear@2022.83-1%2Bdeb12u3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2022.83-1%252Bdeb12u3" } ], "aliases": [ "CVE-2025-47203" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9vje-sxgj-9udj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57248?format=api", "vulnerability_id": "VCID-a8c1-84ye-73en", "summary": "Multiple vulnerabilities have been found in Dropbear, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81178", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81186", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.8121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81238", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81263", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81241", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81278", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01519", "scoring_system": "epss", "scoring_elements": "0.81279", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7408" }, { "reference_url": "https://security.gentoo.org/glsa/201702-23", "reference_id": "GLSA-201702-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-23" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049231?format=api", "purl": "pkg:deb/debian/dropbear@2016.74-5%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2016.74-5%252Bdeb9u1" } ], "aliases": [ "CVE-2016-7408" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a8c1-84ye-73en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92515?format=api", "vulnerability_id": "VCID-adtn-2cnz-wfb9", "summary": "The buf_decompress function in packet.c in Dropbear SSH Server before 2013.59 allows remote attackers to cause a denial of service (memory consumption) via a compressed packet that has a large size when it is decompressed.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4421", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96232", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96239", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96246", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96251", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.9626", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96263", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96267", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.9627", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96279", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96283", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.25913", "scoring_system": "epss", "scoring_elements": "0.96285", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4421" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4421", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4421" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726019", "reference_id": "726019", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726019" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036405?format=api", "purl": "pkg:deb/debian/dropbear@2014.65-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6ucx-wdc2-tuad" }, { "vulnerability": "VCID-8apc-5c8s-k3ar" }, { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-a8c1-84ye-73en" }, { "vulnerability": "VCID-d3s7-uqk1-47bq" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-qftg-znh3-5kep" }, { "vulnerability": "VCID-s1dw-5sgq-j3bm" }, { "vulnerability": "VCID-xqe7-wtdn-hugk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2014.65-1" } ], "aliases": [ "CVE-2013-4421" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-adtn-2cnz-wfb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93203?format=api", "vulnerability_id": "VCID-d17n-u3cw-cudj", "summary": "It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2659", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51026", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51004", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51048", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50909", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50963", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50988", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50945", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51002", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.51021", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2659" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2659" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2659", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2659" }, { "reference_url": "https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a#l1.86", "reference_id": "", "reference_type": "", "scores": [], "url": "https://secure.ucc.asn.au/hg/dropbear/rev/d7784616409a#l1.86" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2659", "reference_id": "CVE-2017-2659", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2659" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036405?format=api", "purl": "pkg:deb/debian/dropbear@2014.65-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6ucx-wdc2-tuad" }, { "vulnerability": "VCID-8apc-5c8s-k3ar" }, { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-a8c1-84ye-73en" }, { "vulnerability": "VCID-d3s7-uqk1-47bq" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-qftg-znh3-5kep" }, { "vulnerability": "VCID-s1dw-5sgq-j3bm" }, { "vulnerability": "VCID-xqe7-wtdn-hugk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2014.65-1" } ], "aliases": [ "CVE-2017-2659" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d17n-u3cw-cudj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85747?format=api", "vulnerability_id": "VCID-d3s7-uqk1-47bq", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9078", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89846", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89849", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89868", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.8989", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89897", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89895", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89888", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89902", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89903", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05156", "scoring_system": "epss", "scoring_elements": "0.89896", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9078" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9078", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9078" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9079" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862970", "reference_id": "862970", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862970" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036406?format=api", "purl": "pkg:deb/debian/dropbear@2014.65-1%2Bdeb8u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6ucx-wdc2-tuad" }, { "vulnerability": "VCID-8apc-5c8s-k3ar" }, { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-a8c1-84ye-73en" }, { "vulnerability": "VCID-d3s7-uqk1-47bq" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-qftg-znh3-5kep" }, { "vulnerability": "VCID-s1dw-5sgq-j3bm" }, { "vulnerability": "VCID-xqe7-wtdn-hugk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2014.65-1%252Bdeb8u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049231?format=api", "purl": "pkg:deb/debian/dropbear@2016.74-5%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2016.74-5%252Bdeb9u1" } ], "aliases": [ "CVE-2017-9078" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3s7-uqk1-47bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93571?format=api", "vulnerability_id": "VCID-fkyw-zr2t-y7dm", "summary": "The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.6687", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66908", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66934", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66909", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66958", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66971", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66991", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66976", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66978", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66993", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00524", "scoring_system": "epss", "scoring_elements": "0.66974", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-15599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15599" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906890", "reference_id": "906890", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906890" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049232?format=api", "purl": "pkg:deb/debian/dropbear@2018.76-5%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2018.76-5%252Bdeb10u1" } ], "aliases": [ "CVE-2018-15599" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fkyw-zr2t-y7dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94584?format=api", "vulnerability_id": "VCID-gdx4-w6cw-2kek", "summary": "scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36254", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57292", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00349", "scoring_system": "epss", "scoring_elements": "0.57374", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70314", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70323", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70333", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70247", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70224", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.7027", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70285", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70309", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70294", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70282", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36254" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36254", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36254" }, { "reference_url": "https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff", "reference_id": "8f8a3dff705fad774a10864a2e3dbcfa9779ceff", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T18:09:52Z/" } ], "url": "https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049233?format=api", "purl": "pkg:deb/debian/dropbear@2020.81-3%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9vje-sxgj-9udj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2020.81-3%252Bdeb11u2" } ], "aliases": [ "CVE-2020-36254" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gdx4-w6cw-2kek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93949?format=api", "vulnerability_id": "VCID-hmcm-aqkc-zfdm", "summary": "Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48432", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48468", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48491", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48443", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48498", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.4849", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48503", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48553", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48548", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48506", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12953" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009062", "reference_id": "1009062", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009062" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049233?format=api", "purl": "pkg:deb/debian/dropbear@2020.81-3%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9vje-sxgj-9udj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2020.81-3%252Bdeb11u2" } ], "aliases": [ "CVE-2019-12953" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmcm-aqkc-zfdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48791?format=api", "vulnerability_id": "VCID-jd36-dxz7-dfdy", "summary": "Multiple vulnerabilities have been found in Dropbear, the worst of\n which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0920", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82735", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82751", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82765", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82762", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82788", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82793", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.8281", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82805", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.828", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.8284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82839", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01803", "scoring_system": "epss", "scoring_elements": "0.82842", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-0920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0920" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661150", "reference_id": "661150", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661150" }, { "reference_url": "https://security.gentoo.org/glsa/201309-20", "reference_id": "GLSA-201309-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-20" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036404?format=api", "purl": "pkg:deb/debian/dropbear@2012.55-1.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6ucx-wdc2-tuad" }, { "vulnerability": "VCID-8apc-5c8s-k3ar" }, { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-a8c1-84ye-73en" }, { "vulnerability": "VCID-adtn-2cnz-wfb9" }, { "vulnerability": "VCID-d17n-u3cw-cudj" }, { "vulnerability": "VCID-d3s7-uqk1-47bq" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-qftg-znh3-5kep" }, { "vulnerability": "VCID-s1dw-5sgq-j3bm" }, { "vulnerability": "VCID-w5xg-8n7z-zqcs" }, { "vulnerability": "VCID-xqe7-wtdn-hugk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2012.55-1.3" } ], "aliases": [ "CVE-2012-0920" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jd36-dxz7-dfdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20351?format=api", "vulnerability_id": "VCID-jzn6-bzzf-nugp", "summary": "Improper Validation of Integrity Check Value\nThe SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-48795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98134", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98136", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98124", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98114", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98118", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98119", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98123", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98129", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.61084", "scoring_system": "epss", "scoring_elements": "0.98316", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-48795" }, { "reference_url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack" }, { "reference_url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/" }, { "reference_url": "https://bugs.gentoo.org/920280", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://bugs.gentoo.org/920280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950" }, { "reference_url": "https://crates.io/crates/thrussh/versions", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://crates.io/crates/thrussh/versions" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Mar/21", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Mar/21" }, { "reference_url": "https://filezilla-project.org/versions.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://filezilla-project.org/versions.php" }, { "reference_url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/mina-sshd/issues/445", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/apache/mina-sshd/issues/445" }, { "reference_url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab" }, { "reference_url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22" }, { "reference_url": "https://github.com/cyd01/KiTTY/issues/520", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/cyd01/KiTTY/issues/520" }, { "reference_url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6" }, { "reference_url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42" }, { "reference_url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1" }, { "reference_url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d" }, { "reference_url": "https://github.com/hierynomus/sshj/issues/916", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/hierynomus/sshj/issues/916" }, { "reference_url": "https://github.com/janmojzis/tinyssh/issues/81", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/janmojzis/tinyssh/issues/81" }, { "reference_url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5" }, { "reference_url": "https://github.com/libssh2/libssh2/pull/1291", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/libssh2/libssh2/pull/1291" }, { "reference_url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25" }, { "reference_url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3" }, { "reference_url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15" }, { "reference_url": "https://github.com/mwiede/jsch/issues/457", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mwiede/jsch/issues/457" }, { "reference_url": "https://github.com/mwiede/jsch/pull/461", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mwiede/jsch/pull/461" }, { "reference_url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/275249", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/275249" }, { "reference_url": "https://github.com/openssh/openssh-portable/commits/master", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/openssh/openssh-portable/commits/master" }, { "reference_url": "https://github.com/paramiko/paramiko/issues/2337", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/paramiko/paramiko/issues/2337" }, { "reference_url": "https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773" }, { "reference_url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189" }, { "reference_url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta" }, { "reference_url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES" }, { "reference_url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES" }, { "reference_url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES" }, { "reference_url": "https://github.com/proftpd/proftpd/issues/456", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/issues/456" }, { "reference_url": "https://github.com/rapier1/hpn-ssh/releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/rapier1/hpn-ssh/releases" }, { "reference_url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst" }, { "reference_url": "https://github.com/ronf/asyncssh/tags", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/ronf/asyncssh/tags" }, { "reference_url": "https://github.com/ssh-mitm/ssh-mitm/issues/165", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165" }, { "reference_url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0" }, { "reference_url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1" }, { "reference_url": "https://github.com/warp-tech/russh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/warp-tech/russh" }, { "reference_url": "https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951" }, { "reference_url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2" }, { "reference_url": "https://gitlab.com/libssh/libssh-mirror/-/tags", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://gitlab.com/libssh/libssh-mirror/-/tags" }, { "reference_url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6" }, { "reference_url": "https://go.dev/cl/550715", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/550715" }, { "reference_url": "https://go.dev/issue/64784", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/64784" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg" }, { "reference_url": "https://help.panic.com/releasenotes/transmit5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://help.panic.com/releasenotes/transmit5" }, { "reference_url": "https://help.panic.com/releasenotes/transmit5/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://help.panic.com/releasenotes/transmit5/" }, { "reference_url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795" }, { "reference_url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB" }, { "reference_url": "https://matt.ucc.asn.au/dropbear/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://matt.ucc.asn.au/dropbear/CHANGES" }, { "reference_url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC" }, { "reference_url": "https://news.ycombinator.com/item?id=38684904", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://news.ycombinator.com/item?id=38684904" }, { "reference_url": "https://news.ycombinator.com/item?id=38685286", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://news.ycombinator.com/item?id=38685286" }, { "reference_url": "https://news.ycombinator.com/item?id=38732005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://news.ycombinator.com/item?id=38732005" }, { "reference_url": "https://nova.app/releases/#v11.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://nova.app/releases/#v11.8" }, { "reference_url": "https://oryx-embedded.com/download/#changelog", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://oryx-embedded.com/download/#changelog" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002" }, { "reference_url": "https://roumenpetrov.info/secsh/#news20231220", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://roumenpetrov.info/secsh/#news20231220" }, { "reference_url": "https://security.gentoo.org/glsa/202312-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security.gentoo.org/glsa/202312-16" }, { "reference_url": "https://security.gentoo.org/glsa/202312-17", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security.gentoo.org/glsa/202312-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240105-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240105-0004" }, { "reference_url": "https://security-tracker.debian.org/tracker/source-package/libssh2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/source-package/libssh2" }, { "reference_url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg" }, { "reference_url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2" }, { "reference_url": "https://support.apple.com/kb/HT214084", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://support.apple.com/kb/HT214084" }, { "reference_url": "https://twitter.com/TrueSkrillor/status/1736774389725565005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005" }, { "reference_url": "https://winscp.net/eng/docs/history#6.2.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://winscp.net/eng/docs/history#6.2.2" }, { "reference_url": "https://www.bitvise.com/ssh-client-version-history#933", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.bitvise.com/ssh-client-version-history#933" }, { "reference_url": "https://www.bitvise.com/ssh-server-version-history", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.bitvise.com/ssh-server-version-history" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "reference_url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5586", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5588", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5588" }, { "reference_url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc" }, { "reference_url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508" }, { "reference_url": "https://www.netsarang.com/en/xshell-update-history", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.netsarang.com/en/xshell-update-history" }, { "reference_url": "https://www.netsarang.com/en/xshell-update-history/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.netsarang.com/en/xshell-update-history/" }, { "reference_url": "https://www.openssh.com/openbsd.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openssh.com/openbsd.html" }, { "reference_url": "https://www.openssh.com/txt/release-9.6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openssh.com/txt/release-9.6" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/12/18/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/12/20/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "reference_url": "https://www.paramiko.org/changelog.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.paramiko.org/changelog.html" }, { "reference_url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed" }, { "reference_url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/" }, { "reference_url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795" }, { "reference_url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/" }, { "reference_url": "https://www.terrapin-attack.com", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.terrapin-attack.com" }, { "reference_url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh" }, { "reference_url": "https://www.vandyke.com/products/securecrt/history.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.vandyke.com/products/securecrt/history.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/12/18/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/12/19/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/12/20/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/17/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001", "reference_id": "1059001", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002", "reference_id": "1059002", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003", "reference_id": "1059003", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004", "reference_id": "1059004", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005", "reference_id": "1059005", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006", "reference_id": "1059006", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007", "reference_id": "1059007", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058", "reference_id": "1059058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144", "reference_id": "1059144", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290", "reference_id": "1059290", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294", "reference_id": "1059294", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", "reference_id": "33XHJUB6ROFUOH2OQNENFROTVH6MHSHA", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", "reference_id": "3CAYYW35MUTNO65RVAELICTNZZFMT2XS", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", "reference_id": "3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", "reference_id": "6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", "reference_id": "BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", "reference_id": "C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", "reference_id": "CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://access.redhat.com/security/cve/cve-2023-48795" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795" }, { "reference_url": "https://ubuntu.com/security/CVE-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://ubuntu.com/security/CVE-2023-48795" }, { "reference_url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway", "reference_id": "CVE-2023-48795-AND-SFTP-GATEWAY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway" }, { "reference_url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", "reference_id": "CVE-2023-48795-AND-SFTP-GATEWAY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit", "reference_id": "CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability", "reference_id": "CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability" }, { "reference_url": "https://github.com/advisories/GHSA-45x7-px36-x8w8", "reference_id": "GHSA-45x7-px36-x8w8", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8" }, { "reference_url": "https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8", "reference_id": "GHSA-45x7-px36-x8w8", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8" }, { "reference_url": "https://security.gentoo.org/glsa/202407-11", "reference_id": "GLSA-202407-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-11" }, { "reference_url": "https://security.gentoo.org/glsa/202407-12", "reference_id": "GLSA-202407-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-12" }, { "reference_url": "https://security.gentoo.org/glsa/202509-06", "reference_id": "GLSA-202509-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-06" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", "reference_id": "HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", "reference_id": "I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", "reference_id": "KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", "reference_id": "L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", "reference_id": "LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240105-0004/", "reference_id": "ntap-20240105-0004", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240105-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7197", "reference_id": "RHSA-2023:7197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7198", "reference_id": "RHSA-2023:7198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7201", "reference_id": "RHSA-2023:7201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0040", "reference_id": "RHSA-2024:0040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0429", "reference_id": "RHSA-2024:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0455", "reference_id": "RHSA-2024:0455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0499", "reference_id": "RHSA-2024:0499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0538", "reference_id": "RHSA-2024:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0594", "reference_id": "RHSA-2024:0594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0606", "reference_id": "RHSA-2024:0606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0625", "reference_id": "RHSA-2024:0625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0628", "reference_id": "RHSA-2024:0628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0766", "reference_id": "RHSA-2024:0766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0789", "reference_id": "RHSA-2024:0789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0843", "reference_id": "RHSA-2024:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0880", "reference_id": "RHSA-2024:0880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0954", "reference_id": "RHSA-2024:0954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1130", "reference_id": "RHSA-2024:1130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1150", "reference_id": "RHSA-2024:1150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1192", "reference_id": "RHSA-2024:1192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1193", "reference_id": "RHSA-2024:1193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1196", "reference_id": "RHSA-2024:1196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1197", "reference_id": "RHSA-2024:1197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1210", "reference_id": "RHSA-2024:1210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1557", "reference_id": "RHSA-2024:1557", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1859", "reference_id": "RHSA-2024:1859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2728", "reference_id": "RHSA-2024:2728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2735", "reference_id": "RHSA-2024:2735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2768", "reference_id": "RHSA-2024:2768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2988", "reference_id": "RHSA-2024:2988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3479", "reference_id": "RHSA-2024:3479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3634", "reference_id": "RHSA-2024:3634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3635", "reference_id": "RHSA-2024:3635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3636", "reference_id": "RHSA-2024:3636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3918", "reference_id": "RHSA-2024:3918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4010", "reference_id": "RHSA-2024:4010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4151", "reference_id": "RHSA-2024:4151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4329", "reference_id": "RHSA-2024:4329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4479", "reference_id": "RHSA-2024:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4484", "reference_id": "RHSA-2024:4484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4597", "reference_id": "RHSA-2024:4597", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4597" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4662", "reference_id": "RHSA-2024:4662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4955", "reference_id": "RHSA-2024:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4959", "reference_id": "RHSA-2024:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5200", "reference_id": "RHSA-2024:5200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5432", "reference_id": "RHSA-2024:5432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5433", "reference_id": "RHSA-2024:5433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5438", "reference_id": "RHSA-2024:5438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8235", "reference_id": "RHSA-2024:8235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4664", "reference_id": "RHSA-2025:4664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4664" }, { "reference_url": "https://usn.ubuntu.com/6560-1/", "reference_id": "USN-6560-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6560-1/" }, { "reference_url": "https://usn.ubuntu.com/6560-2/", "reference_id": "USN-6560-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6560-2/" }, { "reference_url": "https://usn.ubuntu.com/6561-1/", "reference_id": "USN-6561-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6561-1/" }, { "reference_url": "https://usn.ubuntu.com/6585-1/", "reference_id": "USN-6585-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6585-1/" }, { "reference_url": "https://usn.ubuntu.com/6589-1/", "reference_id": "USN-6589-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6589-1/" }, { "reference_url": "https://usn.ubuntu.com/6598-1/", "reference_id": "USN-6598-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6598-1/" }, { "reference_url": "https://usn.ubuntu.com/6738-1/", "reference_id": "USN-6738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6738-1/" }, { "reference_url": "https://usn.ubuntu.com/7051-1/", "reference_id": "USN-7051-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7051-1/" }, { "reference_url": "https://usn.ubuntu.com/7292-1/", "reference_id": "USN-7292-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7292-1/" }, { "reference_url": "https://usn.ubuntu.com/7297-1/", "reference_id": "USN-7297-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7297-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049233?format=api", "purl": "pkg:deb/debian/dropbear@2020.81-3%2Bdeb11u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9vje-sxgj-9udj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2020.81-3%252Bdeb11u2" } ], "aliases": [ "CVE-2023-48795", "GHSA-45x7-px36-x8w8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jzn6-bzzf-nugp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51031?format=api", "vulnerability_id": "VCID-qftg-znh3-5kep", "summary": "A vulnerability has been found in Dropbear, which allows remote\n authenticated users to bypass intended shell-command restrictions.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179261.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179261.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179269.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179269.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179870.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179870.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00105.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00105.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00113.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00113.html" }, { "reference_url": "http://packetstormsecurity.com/files/136251/Dropbear-SSHD-xauth-Command-Injection-Bypass.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/136251/Dropbear-SSHD-xauth-Command-Injection-Bypass.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96444", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96442", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96396", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96408", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96411", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.9642", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96431", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.27583", "scoring_system": "epss", "scoring_elements": "0.96438", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3116" }, { "reference_url": "http://seclists.org/fulldisclosure/2016/Mar/47", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2016/Mar/47" }, { "reference_url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115" }, { "reference_url": "https://matt.ucc.asn.au/dropbear/CHANGES", "reference_id": "", "reference_type": "", "scores": [], "url": "https://matt.ucc.asn.au/dropbear/CHANGES" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/tintinweb/pub/tree/1b0c76ba7bb87cfd9ab36e4ca5e5e72cb9fdc0ca/pocs/cve-2016-3116", "reference_id": "CVE-2016-3116", "reference_type": "exploit", "scores": [], "url": "https://github.com/tintinweb/pub/tree/1b0c76ba7bb87cfd9ab36e4ca5e5e72cb9fdc0ca/pocs/cve-2016-3116" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40119.md", "reference_id": "CVE-2016-3116", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40119.md" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3116", "reference_id": "CVE-2016-3116", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:N" }, { "value": "6.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3116" }, { "reference_url": "https://security.gentoo.org/glsa/201607-08", "reference_id": "GLSA-201607-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049231?format=api", "purl": "pkg:deb/debian/dropbear@2016.74-5%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2016.74-5%252Bdeb9u1" } ], "aliases": [ "CVE-2016-3116" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qftg-znh3-5kep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57249?format=api", "vulnerability_id": "VCID-s1dw-5sgq-j3bm", "summary": "Multiple vulnerabilities have been found in Dropbear, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30508", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30646", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30692", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30505", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30564", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30598", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30601", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.3051", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30536", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30518", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00117", "scoring_system": "epss", "scoring_elements": "0.30481", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7409" }, { "reference_url": "https://security.gentoo.org/glsa/201702-23", "reference_id": "GLSA-201702-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-23" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049231?format=api", "purl": "pkg:deb/debian/dropbear@2016.74-5%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2016.74-5%252Bdeb9u1" } ], "aliases": [ "CVE-2016-7409" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s1dw-5sgq-j3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92516?format=api", "vulnerability_id": "VCID-w5xg-8n7z-zqcs", "summary": "Dropbear SSH Server before 2013.59 generates error messages for a failed logon attempt with different time delays depending on whether the user account exists, which allows remote attackers to discover valid usernames.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83223", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83239", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83254", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83253", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83277", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83286", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83296", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83327", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.83328", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01912", "scoring_system": "epss", "scoring_elements": "0.8333", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4434" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726118", "reference_id": "726118", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726118" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036405?format=api", "purl": "pkg:deb/debian/dropbear@2014.65-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6ucx-wdc2-tuad" }, { "vulnerability": "VCID-8apc-5c8s-k3ar" }, { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-a8c1-84ye-73en" }, { "vulnerability": "VCID-d3s7-uqk1-47bq" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-qftg-znh3-5kep" }, { "vulnerability": "VCID-s1dw-5sgq-j3bm" }, { "vulnerability": "VCID-xqe7-wtdn-hugk" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2014.65-1" } ], "aliases": [ "CVE-2013-4434" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w5xg-8n7z-zqcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57247?format=api", "vulnerability_id": "VCID-xqe7-wtdn-hugk", "summary": "Multiple vulnerabilities have been found in Dropbear, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.7722", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77226", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77255", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77238", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77269", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77278", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77305", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77285", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77282", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77322", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01026", "scoring_system": "epss", "scoring_elements": "0.77314", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7407" }, { "reference_url": "https://security.gentoo.org/glsa/201702-23", "reference_id": "GLSA-201702-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-23" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049231?format=api", "purl": "pkg:deb/debian/dropbear@2016.74-5%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-9pmf-w3x7-5ugr" }, { "vulnerability": "VCID-9vje-sxgj-9udj" }, { "vulnerability": "VCID-fkyw-zr2t-y7dm" }, { "vulnerability": "VCID-gdx4-w6cw-2kek" }, { "vulnerability": "VCID-hmcm-aqkc-zfdm" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@2016.74-5%252Bdeb9u1" } ], "aliases": [ "CVE-2016-7407" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xqe7-wtdn-hugk" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/dropbear@0.52-5%252Bsqueeze1" }