Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
Typedeb
Namespacedebian
Nameopenssh
Version1:8.4p1-5+deb11u3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1:9.2p1-2+deb12u9
Latest_non_vulnerable_version1:10.3p1-1
Affected_by_vulnerabilities
0
url VCID-792n-jkzj-qqhd
vulnerability_id VCID-792n-jkzj-qqhd
summary In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35385.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35385.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35385
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.1055
published_at 2026-04-07T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.10687
published_at 2026-04-04T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11663
published_at 2026-04-24T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11771
published_at 2026-04-09T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.11782
published_at 2026-04-11T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.11743
published_at 2026-04-12T12:55:00Z
6
value 0.00039
scoring_system epss
scoring_elements 0.11718
published_at 2026-04-13T12:55:00Z
7
value 0.00039
scoring_system epss
scoring_elements 0.1158
published_at 2026-04-16T12:55:00Z
8
value 0.00039
scoring_system epss
scoring_elements 0.11582
published_at 2026-04-18T12:55:00Z
9
value 0.00039
scoring_system epss
scoring_elements 0.11705
published_at 2026-04-21T12:55:00Z
10
value 0.00039
scoring_system epss
scoring_elements 0.11716
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35385
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35385
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132572
reference_id 1132572
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132572
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454469
reference_id 2454469
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454469
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:06:07Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:06:07Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:06:07Z/
url https://www.openssh.org/releasenotes.html#10.3p1
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
2
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2
3
url pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
purl pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-2~bpo13%252B1
4
url pkg:deb/debian/openssh@1:10.3p1-1
purl pkg:deb/debian/openssh@1:10.3p1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1
aliases CVE-2026-35385
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-792n-jkzj-qqhd
1
url VCID-8efr-budq-6bb6
vulnerability_id VCID-8efr-budq-6bb6
summary OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35414.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35414.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35414
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03583
published_at 2026-04-07T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03573
published_at 2026-04-04T12:55:00Z
2
value 0.00018
scoring_system epss
scoring_elements 0.04506
published_at 2026-04-09T12:55:00Z
3
value 0.00018
scoring_system epss
scoring_elements 0.04491
published_at 2026-04-08T12:55:00Z
4
value 0.0002
scoring_system epss
scoring_elements 0.05351
published_at 2026-04-24T12:55:00Z
5
value 0.0002
scoring_system epss
scoring_elements 0.0524
published_at 2026-04-11T12:55:00Z
6
value 0.0002
scoring_system epss
scoring_elements 0.05224
published_at 2026-04-12T12:55:00Z
7
value 0.0002
scoring_system epss
scoring_elements 0.05211
published_at 2026-04-13T12:55:00Z
8
value 0.0002
scoring_system epss
scoring_elements 0.05157
published_at 2026-04-16T12:55:00Z
9
value 0.0002
scoring_system epss
scoring_elements 0.05159
published_at 2026-04-18T12:55:00Z
10
value 0.0002
scoring_system epss
scoring_elements 0.05313
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35414
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35414
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132576
reference_id 1132576
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132576
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454490
reference_id 2454490
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454490
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:42:45Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:42:45Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:42:45Z/
url https://www.openssh.org/releasenotes.html#10.3p1
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
2
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2
3
url pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
purl pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-2~bpo13%252B1
4
url pkg:deb/debian/openssh@1:10.3p1-1
purl pkg:deb/debian/openssh@1:10.3p1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1
aliases CVE-2026-35414
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8efr-budq-6bb6
2
url VCID-a4eq-r71a-buhm
vulnerability_id VCID-a4eq-r71a-buhm
summary In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35386.json
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35386.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35386
reference_id
reference_type
scores
0
value 7e-05
scoring_system epss
scoring_elements 0.00508
published_at 2026-04-07T12:55:00Z
1
value 7e-05
scoring_system epss
scoring_elements 0.0051
published_at 2026-04-04T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00704
published_at 2026-04-24T12:55:00Z
3
value 8e-05
scoring_system epss
scoring_elements 0.00678
published_at 2026-04-08T12:55:00Z
4
value 8e-05
scoring_system epss
scoring_elements 0.0067
published_at 2026-04-11T12:55:00Z
5
value 8e-05
scoring_system epss
scoring_elements 0.00663
published_at 2026-04-12T12:55:00Z
6
value 8e-05
scoring_system epss
scoring_elements 0.00664
published_at 2026-04-13T12:55:00Z
7
value 8e-05
scoring_system epss
scoring_elements 0.00656
published_at 2026-04-16T12:55:00Z
8
value 8e-05
scoring_system epss
scoring_elements 0.00661
published_at 2026-04-18T12:55:00Z
9
value 8e-05
scoring_system epss
scoring_elements 0.00703
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35386
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35386
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132573
reference_id 1132573
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132573
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454506
reference_id 2454506
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454506
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:12:12Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:12:12Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:12:12Z/
url https://www.openssh.org/releasenotes.html#10.3p1
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
2
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2
3
url pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
purl pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-2~bpo13%252B1
4
url pkg:deb/debian/openssh@1:10.3p1-1
purl pkg:deb/debian/openssh@1:10.3p1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1
aliases CVE-2026-35386
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a4eq-r71a-buhm
3
url VCID-a7m6-uqbt-nqd9
vulnerability_id VCID-a7m6-uqbt-nqd9
summary openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61985.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61985.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61985
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.03681
published_at 2026-04-02T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.03759
published_at 2026-04-24T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.0371
published_at 2026-04-08T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03732
published_at 2026-04-09T12:55:00Z
4
value 0.00016
scoring_system epss
scoring_elements 0.03671
published_at 2026-04-12T12:55:00Z
5
value 0.00016
scoring_system epss
scoring_elements 0.03644
published_at 2026-04-13T12:55:00Z
6
value 0.00016
scoring_system epss
scoring_elements 0.03622
published_at 2026-04-16T12:55:00Z
7
value 0.00016
scoring_system epss
scoring_elements 0.03634
published_at 2026-04-18T12:55:00Z
8
value 0.00016
scoring_system epss
scoring_elements 0.03756
published_at 2026-04-21T12:55:00Z
9
value 0.00016
scoring_system epss
scoring_elements 0.03694
published_at 2026-04-11T12:55:00Z
10
value 0.00016
scoring_system epss
scoring_elements 0.03706
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61985
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61985
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61985
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.openwall.com/lists/oss-security/2025/10/06/1
reference_id 1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T18:33:49Z/
url https://www.openwall.com/lists/oss-security/2025/10/06/1
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117530
reference_id 1117530
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117530
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401962
reference_id 2401962
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401962
7
reference_url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
reference_id ?l=openssh-unix-dev&m=175974522032149&w=2
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T18:33:49Z/
url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
8
reference_url https://www.openssh.com/releasenotes.html#10.1p1
reference_id releasenotes.html#10.1p1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T18:33:49Z/
url https://www.openssh.com/releasenotes.html#10.1p1
9
reference_url https://access.redhat.com/errata/RHSA-2025:23479
reference_id RHSA-2025:23479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23479
10
reference_url https://access.redhat.com/errata/RHSA-2025:23480
reference_id RHSA-2025:23480
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23480
11
reference_url https://access.redhat.com/errata/RHSA-2025:23481
reference_id RHSA-2025:23481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23481
12
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
13
reference_url https://access.redhat.com/errata/RHSA-2026:0685
reference_id RHSA-2026:0685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0685
14
reference_url https://access.redhat.com/errata/RHSA-2026:0693
reference_id RHSA-2026:0693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0693
15
reference_url https://access.redhat.com/errata/RHSA-2026:0976
reference_id RHSA-2026:0976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0976
16
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
17
reference_url https://access.redhat.com/errata/RHSA-2026:1678
reference_id RHSA-2026:1678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1678
18
reference_url https://access.redhat.com/errata/RHSA-2026:1790
reference_id RHSA-2026:1790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1790
19
reference_url https://access.redhat.com/errata/RHSA-2026:1815
reference_id RHSA-2026:1815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1815
20
reference_url https://access.redhat.com/errata/RHSA-2026:1858
reference_id RHSA-2026:1858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1858
21
reference_url https://access.redhat.com/errata/RHSA-2026:5475
reference_id RHSA-2026:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5475
22
reference_url https://usn.ubuntu.com/8090-1/
reference_id USN-8090-1
reference_type
scores
url https://usn.ubuntu.com/8090-1/
23
reference_url https://usn.ubuntu.com/8090-2/
reference_id USN-8090-2
reference_type
scores
url https://usn.ubuntu.com/8090-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-bnrq-2fsr-mfgd
6
vulnerability VCID-kgn5-p8kx-qucj
7
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
aliases CVE-2025-61985
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7m6-uqbt-nqd9
4
url VCID-ajmg-5kgx-k7h5
vulnerability_id VCID-ajmg-5kgx-k7h5
summary openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3497.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3497.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3497
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09146
published_at 2026-04-02T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09123
published_at 2026-04-07T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09198
published_at 2026-04-04T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09203
published_at 2026-04-12T12:55:00Z
4
value 0.00032
scoring_system epss
scoring_elements 0.09232
published_at 2026-04-09T12:55:00Z
5
value 0.00032
scoring_system epss
scoring_elements 0.09235
published_at 2026-04-11T12:55:00Z
6
value 0.00035
scoring_system epss
scoring_elements 0.10161
published_at 2026-04-16T12:55:00Z
7
value 0.00035
scoring_system epss
scoring_elements 0.10136
published_at 2026-04-18T12:55:00Z
8
value 0.00035
scoring_system epss
scoring_elements 0.10267
published_at 2026-04-21T12:55:00Z
9
value 0.00035
scoring_system epss
scoring_elements 0.10248
published_at 2026-04-24T12:55:00Z
10
value 0.00035
scoring_system epss
scoring_elements 0.10288
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3497
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3497
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130595
reference_id 1130595
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130595
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2447085
reference_id 2447085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2447085
6
reference_url https://www.openwall.com/lists/oss-security/2026/03/12/3
reference_id 3
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-12T19:04:05Z/
url https://www.openwall.com/lists/oss-security/2026/03/12/3
7
reference_url https://ubuntu.com/security/CVE-2026-3497
reference_id CVE-2026-3497
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-12T19:04:05Z/
url https://ubuntu.com/security/CVE-2026-3497
8
reference_url https://access.redhat.com/errata/RHSA-2026:10065
reference_id RHSA-2026:10065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10065
9
reference_url https://access.redhat.com/errata/RHSA-2026:5475
reference_id RHSA-2026:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5475
10
reference_url https://access.redhat.com/errata/RHSA-2026:6461
reference_id RHSA-2026:6461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6461
11
reference_url https://access.redhat.com/errata/RHSA-2026:6462
reference_id RHSA-2026:6462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6462
12
reference_url https://access.redhat.com/errata/RHSA-2026:6463
reference_id RHSA-2026:6463
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6463
13
reference_url https://access.redhat.com/errata/RHSA-2026:7107
reference_id RHSA-2026:7107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7107
14
reference_url https://access.redhat.com/errata/RHSA-2026:9415
reference_id RHSA-2026:9415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9415
15
reference_url https://access.redhat.com/errata/RHSA-2026:9732
reference_id RHSA-2026:9732
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9732
16
reference_url https://usn.ubuntu.com/8090-1/
reference_id USN-8090-1
reference_type
scores
url https://usn.ubuntu.com/8090-1/
17
reference_url https://usn.ubuntu.com/8090-2/
reference_id USN-8090-2
reference_type
scores
url https://usn.ubuntu.com/8090-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-bnrq-2fsr-mfgd
6
vulnerability VCID-kgn5-p8kx-qucj
7
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2
4
url pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
purl pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-2~bpo13%252B1
aliases CVE-2026-3497
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajmg-5kgx-k7h5
5
url VCID-b4uc-yh56-muej
vulnerability_id VCID-b4uc-yh56-muej
summary openssh: possible bypass of fido 2 devices and ssh-askpass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36368.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36368.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36368
reference_id
reference_type
scores
0
value 0.0031
scoring_system epss
scoring_elements 0.54195
published_at 2026-04-21T12:55:00Z
1
value 0.00395
scoring_system epss
scoring_elements 0.60322
published_at 2026-04-02T12:55:00Z
2
value 0.00395
scoring_system epss
scoring_elements 0.60348
published_at 2026-04-04T12:55:00Z
3
value 0.00395
scoring_system epss
scoring_elements 0.60317
published_at 2026-04-07T12:55:00Z
4
value 0.00395
scoring_system epss
scoring_elements 0.60366
published_at 2026-04-08T12:55:00Z
5
value 0.00395
scoring_system epss
scoring_elements 0.60381
published_at 2026-04-09T12:55:00Z
6
value 0.00395
scoring_system epss
scoring_elements 0.60245
published_at 2026-04-01T12:55:00Z
7
value 0.00432
scoring_system epss
scoring_elements 0.62735
published_at 2026-04-24T12:55:00Z
8
value 0.00532
scoring_system epss
scoring_elements 0.67333
published_at 2026-04-11T12:55:00Z
9
value 0.00532
scoring_system epss
scoring_elements 0.67319
published_at 2026-04-16T12:55:00Z
10
value 0.00532
scoring_system epss
scoring_elements 0.67284
published_at 2026-04-13T12:55:00Z
11
value 0.00532
scoring_system epss
scoring_elements 0.67331
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36368
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36368
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2086690
reference_id 2086690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2086690
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-bnrq-2fsr-mfgd
6
vulnerability VCID-kgn5-p8kx-qucj
7
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7
aliases CVE-2021-36368
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b4uc-yh56-muej
6
url VCID-bnrq-2fsr-mfgd
vulnerability_id VCID-bnrq-2fsr-mfgd
summary OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35388.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35388.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35388
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01324
published_at 2026-04-07T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01312
published_at 2026-04-04T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01699
published_at 2026-04-24T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01619
published_at 2026-04-09T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01604
published_at 2026-04-11T12:55:00Z
5
value 0.00012
scoring_system epss
scoring_elements 0.01595
published_at 2026-04-12T12:55:00Z
6
value 0.00012
scoring_system epss
scoring_elements 0.01594
published_at 2026-04-13T12:55:00Z
7
value 0.00012
scoring_system epss
scoring_elements 0.01583
published_at 2026-04-16T12:55:00Z
8
value 0.00012
scoring_system epss
scoring_elements 0.01597
published_at 2026-04-18T12:55:00Z
9
value 0.00012
scoring_system epss
scoring_elements 0.01686
published_at 2026-04-21T12:55:00Z
10
value 0.00012
scoring_system epss
scoring_elements 0.01612
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35388
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35388
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35388
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132575
reference_id 1132575
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132575
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454500
reference_id 2454500
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454500
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:46:05Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:46:05Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:46:05Z/
url https://www.openssh.org/releasenotes.html#10.3p1
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
2
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2
3
url pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
purl pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-2~bpo13%252B1
4
url pkg:deb/debian/openssh@1:10.3p1-1
purl pkg:deb/debian/openssh@1:10.3p1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1
aliases CVE-2026-35388
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bnrq-2fsr-mfgd
7
url VCID-ha8v-pqwf-r3a1
vulnerability_id VCID-ha8v-pqwf-r3a1
summary Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26465
reference_id
reference_type
scores
0
value 0.73605
scoring_system epss
scoring_elements 0.9882
published_at 2026-04-24T12:55:00Z
1
value 0.73605
scoring_system epss
scoring_elements 0.98804
published_at 2026-04-09T12:55:00Z
2
value 0.73605
scoring_system epss
scoring_elements 0.98807
published_at 2026-04-11T12:55:00Z
3
value 0.73605
scoring_system epss
scoring_elements 0.98808
published_at 2026-04-12T12:55:00Z
4
value 0.73605
scoring_system epss
scoring_elements 0.98809
published_at 2026-04-13T12:55:00Z
5
value 0.73605
scoring_system epss
scoring_elements 0.98813
published_at 2026-04-16T12:55:00Z
6
value 0.73605
scoring_system epss
scoring_elements 0.98814
published_at 2026-04-18T12:55:00Z
7
value 0.73977
scoring_system epss
scoring_elements 0.98835
published_at 2026-04-21T12:55:00Z
8
value 0.73977
scoring_system epss
scoring_elements 0.98815
published_at 2026-04-02T12:55:00Z
9
value 0.73977
scoring_system epss
scoring_elements 0.98818
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26465
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://seclists.org/oss-sec/2025/q1/144
reference_id 144
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://seclists.org/oss-sec/2025/q1/144
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2344780
reference_id 2344780
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2344780
6
reference_url https://access.redhat.com/solutions/7109879
reference_id 7109879
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/solutions/7109879
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
18
reference_url https://access.redhat.com/security/cve/CVE-2025-26465
reference_id CVE-2025-26465
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/security/cve/CVE-2025-26465
19
reference_url https://security.gentoo.org/glsa/202502-01
reference_id GLSA-202502-01
reference_type
scores
url https://security.gentoo.org/glsa/202502-01
20
reference_url https://access.redhat.com/errata/RHSA-2025:16823
reference_id RHSA-2025:16823
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:16823
21
reference_url https://access.redhat.com/errata/RHSA-2025:3837
reference_id RHSA-2025:3837
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:3837
22
reference_url https://access.redhat.com/errata/RHSA-2025:6993
reference_id RHSA-2025:6993
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:6993
23
reference_url https://access.redhat.com/errata/RHSA-2025:8385
reference_id RHSA-2025:8385
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:8385
24
reference_url https://usn.ubuntu.com/7270-1/
reference_id USN-7270-1
reference_type
scores
url https://usn.ubuntu.com/7270-1/
25
reference_url https://usn.ubuntu.com/7270-2/
reference_id USN-7270-2
reference_type
scores
url https://usn.ubuntu.com/7270-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-bnrq-2fsr-mfgd
6
vulnerability VCID-kgn5-p8kx-qucj
7
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7
aliases CVE-2025-26465
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ha8v-pqwf-r3a1
8
url VCID-hse5-y15y-n3dw
vulnerability_id VCID-hse5-y15y-n3dw
summary openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32728
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.50759
published_at 2026-04-02T12:55:00Z
1
value 0.00274
scoring_system epss
scoring_elements 0.50768
published_at 2026-04-24T12:55:00Z
2
value 0.00274
scoring_system epss
scoring_elements 0.50785
published_at 2026-04-04T12:55:00Z
3
value 0.00274
scoring_system epss
scoring_elements 0.50741
published_at 2026-04-07T12:55:00Z
4
value 0.00274
scoring_system epss
scoring_elements 0.50797
published_at 2026-04-13T12:55:00Z
5
value 0.00274
scoring_system epss
scoring_elements 0.50794
published_at 2026-04-09T12:55:00Z
6
value 0.00274
scoring_system epss
scoring_elements 0.50837
published_at 2026-04-11T12:55:00Z
7
value 0.00274
scoring_system epss
scoring_elements 0.50813
published_at 2026-04-12T12:55:00Z
8
value 0.00274
scoring_system epss
scoring_elements 0.50835
published_at 2026-04-16T12:55:00Z
9
value 0.00274
scoring_system epss
scoring_elements 0.50842
published_at 2026-04-18T12:55:00Z
10
value 0.00274
scoring_system epss
scoring_elements 0.5082
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32728
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig
reference_id 013_ssh.patch.sig
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig
5
reference_url https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html
reference_id 041879.html
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603
reference_id 1102603
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2358767
reference_id 2358767
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2358767
8
reference_url https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367
reference_id fc86875e6acb36401dfc1dfb6b628a9d1460f367
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367
9
reference_url https://www.openssh.com/txt/release-10.0
reference_id release-10.0
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://www.openssh.com/txt/release-10.0
10
reference_url https://www.openssh.com/txt/release-7.4
reference_id release-7.4
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://www.openssh.com/txt/release-7.4
11
reference_url https://access.redhat.com/errata/RHSA-2025:20126
reference_id RHSA-2025:20126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20126
12
reference_url https://usn.ubuntu.com/7457-1/
reference_id USN-7457-1
reference_type
scores
url https://usn.ubuntu.com/7457-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-bnrq-2fsr-mfgd
6
vulnerability VCID-kgn5-p8kx-qucj
7
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7
aliases CVE-2025-32728
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hse5-y15y-n3dw
9
url VCID-kgn5-p8kx-qucj
vulnerability_id VCID-kgn5-p8kx-qucj
summary OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35387.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35387
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.07559
published_at 2026-04-07T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07582
published_at 2026-04-04T12:55:00Z
2
value 0.0003
scoring_system epss
scoring_elements 0.08681
published_at 2026-04-24T12:55:00Z
3
value 0.0003
scoring_system epss
scoring_elements 0.08651
published_at 2026-04-12T12:55:00Z
4
value 0.0003
scoring_system epss
scoring_elements 0.08676
published_at 2026-04-09T12:55:00Z
5
value 0.0003
scoring_system epss
scoring_elements 0.08673
published_at 2026-04-11T12:55:00Z
6
value 0.0003
scoring_system epss
scoring_elements 0.08638
published_at 2026-04-13T12:55:00Z
7
value 0.0003
scoring_system epss
scoring_elements 0.08528
published_at 2026-04-16T12:55:00Z
8
value 0.0003
scoring_system epss
scoring_elements 0.08515
published_at 2026-04-18T12:55:00Z
9
value 0.0003
scoring_system epss
scoring_elements 0.08668
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35387
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132574
reference_id 1132574
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132574
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454494
reference_id 2454494
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454494
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:07:49Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:07:49Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:07:49Z/
url https://www.openssh.org/releasenotes.html#10.3p1
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
2
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2
3
url pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
purl pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-2~bpo13%252B1
4
url pkg:deb/debian/openssh@1:10.3p1-1
purl pkg:deb/debian/openssh@1:10.3p1-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1
aliases CVE-2026-35387
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgn5-p8kx-qucj
10
url VCID-wga4-sqwk-4bfj
vulnerability_id VCID-wga4-sqwk-4bfj
summary openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61984.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61984.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61984
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.01186
published_at 2026-04-02T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01392
published_at 2026-04-24T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01208
published_at 2026-04-08T12:55:00Z
3
value 0.00011
scoring_system epss
scoring_elements 0.01211
published_at 2026-04-09T12:55:00Z
4
value 0.00011
scoring_system epss
scoring_elements 0.01198
published_at 2026-04-11T12:55:00Z
5
value 0.00011
scoring_system epss
scoring_elements 0.01195
published_at 2026-04-13T12:55:00Z
6
value 0.00011
scoring_system epss
scoring_elements 0.01184
published_at 2026-04-16T12:55:00Z
7
value 0.00011
scoring_system epss
scoring_elements 0.01197
published_at 2026-04-18T12:55:00Z
8
value 0.00011
scoring_system epss
scoring_elements 0.01382
published_at 2026-04-21T12:55:00Z
9
value 0.00011
scoring_system epss
scoring_elements 0.01193
published_at 2026-04-12T12:55:00Z
10
value 0.00011
scoring_system epss
scoring_elements 0.01201
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61984
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61984
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61984
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.openwall.com/lists/oss-security/2025/10/06/1
reference_id 1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-08T03:55:10Z/
url https://www.openwall.com/lists/oss-security/2025/10/06/1
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117529
reference_id 1117529
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117529
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401960
reference_id 2401960
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401960
7
reference_url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
reference_id ?l=openssh-unix-dev&m=175974522032149&w=2
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-08T03:55:10Z/
url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
8
reference_url https://www.openssh.com/releasenotes.html#10.1p1
reference_id releasenotes.html#10.1p1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-08T03:55:10Z/
url https://www.openssh.com/releasenotes.html#10.1p1
9
reference_url https://access.redhat.com/errata/RHSA-2025:23479
reference_id RHSA-2025:23479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23479
10
reference_url https://access.redhat.com/errata/RHSA-2025:23480
reference_id RHSA-2025:23480
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23480
11
reference_url https://access.redhat.com/errata/RHSA-2025:23481
reference_id RHSA-2025:23481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23481
12
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
13
reference_url https://access.redhat.com/errata/RHSA-2026:0685
reference_id RHSA-2026:0685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0685
14
reference_url https://access.redhat.com/errata/RHSA-2026:0693
reference_id RHSA-2026:0693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0693
15
reference_url https://access.redhat.com/errata/RHSA-2026:0976
reference_id RHSA-2026:0976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0976
16
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
17
reference_url https://access.redhat.com/errata/RHSA-2026:1678
reference_id RHSA-2026:1678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1678
18
reference_url https://access.redhat.com/errata/RHSA-2026:1790
reference_id RHSA-2026:1790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1790
19
reference_url https://access.redhat.com/errata/RHSA-2026:1815
reference_id RHSA-2026:1815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1815
20
reference_url https://access.redhat.com/errata/RHSA-2026:1858
reference_id RHSA-2026:1858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1858
21
reference_url https://access.redhat.com/errata/RHSA-2026:5475
reference_id RHSA-2026:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5475
22
reference_url https://usn.ubuntu.com/8090-1/
reference_id USN-8090-1
reference_type
scores
url https://usn.ubuntu.com/8090-1/
23
reference_url https://usn.ubuntu.com/8090-2/
reference_id USN-8090-2
reference_type
scores
url https://usn.ubuntu.com/8090-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-bnrq-2fsr-mfgd
6
vulnerability VCID-kgn5-p8kx-qucj
7
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9
aliases CVE-2025-61984
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wga4-sqwk-4bfj
Fixing_vulnerabilities
0
url VCID-3mzh-y1ek-cqh9
vulnerability_id VCID-3mzh-y1ek-cqh9
summary Multiple vulnerabilities have been discovered in OpenSSH, the worst of which could lead to code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-51385
reference_id
reference_type
scores
0
value 0.16522
scoring_system epss
scoring_elements 0.94923
published_at 2026-04-24T12:55:00Z
1
value 0.16522
scoring_system epss
scoring_elements 0.9488
published_at 2026-04-02T12:55:00Z
2
value 0.16522
scoring_system epss
scoring_elements 0.94883
published_at 2026-04-04T12:55:00Z
3
value 0.16522
scoring_system epss
scoring_elements 0.94885
published_at 2026-04-07T12:55:00Z
4
value 0.16522
scoring_system epss
scoring_elements 0.94894
published_at 2026-04-08T12:55:00Z
5
value 0.16522
scoring_system epss
scoring_elements 0.94898
published_at 2026-04-09T12:55:00Z
6
value 0.16522
scoring_system epss
scoring_elements 0.94903
published_at 2026-04-11T12:55:00Z
7
value 0.16522
scoring_system epss
scoring_elements 0.94905
published_at 2026-04-12T12:55:00Z
8
value 0.16522
scoring_system epss
scoring_elements 0.94907
published_at 2026-04-13T12:55:00Z
9
value 0.16522
scoring_system epss
scoring_elements 0.94914
published_at 2026-04-16T12:55:00Z
10
value 0.16522
scoring_system epss
scoring_elements 0.94918
published_at 2026-04-18T12:55:00Z
11
value 0.16522
scoring_system epss
scoring_elements 0.94921
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-51385
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2255271
reference_id 2255271
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2255271
6
reference_url http://www.openwall.com/lists/oss-security/2023/12/26/4
reference_id 4
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url http://www.openwall.com/lists/oss-security/2023/12/26/4
7
reference_url https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
reference_id 7ef3787c84b6b524501211b11a26c742f829af1a
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
8
reference_url https://security.netapp.com/advisory/ntap-20240105-0005/
reference_id ntap-20240105-0005
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url https://security.netapp.com/advisory/ntap-20240105-0005/
9
reference_url https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
reference_id openssh-proxycommand-libssh-rce.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
10
reference_url https://access.redhat.com/errata/RHSA-2024:0429
reference_id RHSA-2024:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0429
11
reference_url https://access.redhat.com/errata/RHSA-2024:0455
reference_id RHSA-2024:0455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0455
12
reference_url https://access.redhat.com/errata/RHSA-2024:0594
reference_id RHSA-2024:0594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0594
13
reference_url https://access.redhat.com/errata/RHSA-2024:0606
reference_id RHSA-2024:0606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0606
14
reference_url https://access.redhat.com/errata/RHSA-2024:1130
reference_id RHSA-2024:1130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1130
15
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
16
reference_url https://access.redhat.com/errata/RHSA-2026:1790
reference_id RHSA-2026:1790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1790
17
reference_url https://usn.ubuntu.com/6560-2/
reference_id USN-6560-2
reference_type
scores
url https://usn.ubuntu.com/6560-2/
18
reference_url https://usn.ubuntu.com/6560-3/
reference_id USN-6560-3
reference_type
scores
url https://usn.ubuntu.com/6560-3/
19
reference_url https://usn.ubuntu.com/6565-1/
reference_id USN-6565-1
reference_type
scores
url https://usn.ubuntu.com/6565-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-ha8v-pqwf-r3a1
8
vulnerability VCID-hse5-y15y-n3dw
9
vulnerability VCID-kgn5-p8kx-qucj
10
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3
aliases CVE-2023-51385
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3mzh-y1ek-cqh9
1
url VCID-87uy-3q5r-r3b7
vulnerability_id VCID-87uy-3q5r-r3b7
summary openssh: scp can send duplicate responses to the server upon a utimes system call failure leading to overwrite of arbitrary files
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12062
reference_id
reference_type
scores
0
value 0.00828
scoring_system epss
scoring_elements 0.74452
published_at 2026-04-01T12:55:00Z
1
value 0.00828
scoring_system epss
scoring_elements 0.74456
published_at 2026-04-02T12:55:00Z
2
value 0.00828
scoring_system epss
scoring_elements 0.74483
published_at 2026-04-04T12:55:00Z
3
value 0.00828
scoring_system epss
scoring_elements 0.74457
published_at 2026-04-07T12:55:00Z
4
value 0.00828
scoring_system epss
scoring_elements 0.74489
published_at 2026-04-08T12:55:00Z
5
value 0.00828
scoring_system epss
scoring_elements 0.74505
published_at 2026-04-09T12:55:00Z
6
value 0.00828
scoring_system epss
scoring_elements 0.74527
published_at 2026-04-11T12:55:00Z
7
value 0.00828
scoring_system epss
scoring_elements 0.74508
published_at 2026-04-12T12:55:00Z
8
value 0.00828
scoring_system epss
scoring_elements 0.745
published_at 2026-04-13T12:55:00Z
9
value 0.00828
scoring_system epss
scoring_elements 0.74537
published_at 2026-04-21T12:55:00Z
10
value 0.00828
scoring_system epss
scoring_elements 0.74545
published_at 2026-04-18T12:55:00Z
11
value 0.00828
scoring_system epss
scoring_elements 0.74572
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12062
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1854145
reference_id 1854145
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1854145
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-ha8v-pqwf-r3a1
8
vulnerability VCID-hse5-y15y-n3dw
9
vulnerability VCID-kgn5-p8kx-qucj
10
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3
aliases CVE-2020-12062
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-87uy-3q5r-r3b7
2
url VCID-fczw-59xy-83c6
vulnerability_id VCID-fczw-59xy-83c6
summary openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41617
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.50737
published_at 2026-04-01T12:55:00Z
1
value 0.00274
scoring_system epss
scoring_elements 0.50808
published_at 2026-04-24T12:55:00Z
2
value 0.00274
scoring_system epss
scoring_elements 0.5088
published_at 2026-04-18T12:55:00Z
3
value 0.00274
scoring_system epss
scoring_elements 0.50859
published_at 2026-04-21T12:55:00Z
4
value 0.00274
scoring_system epss
scoring_elements 0.50794
published_at 2026-04-02T12:55:00Z
5
value 0.00274
scoring_system epss
scoring_elements 0.50819
published_at 2026-04-04T12:55:00Z
6
value 0.00274
scoring_system epss
scoring_elements 0.50777
published_at 2026-04-07T12:55:00Z
7
value 0.00274
scoring_system epss
scoring_elements 0.50833
published_at 2026-04-08T12:55:00Z
8
value 0.00274
scoring_system epss
scoring_elements 0.50832
published_at 2026-04-09T12:55:00Z
9
value 0.00274
scoring_system epss
scoring_elements 0.50874
published_at 2026-04-16T12:55:00Z
10
value 0.00274
scoring_system epss
scoring_elements 0.50851
published_at 2026-04-12T12:55:00Z
11
value 0.00274
scoring_system epss
scoring_elements 0.50835
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41617
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2008291
reference_id 2008291
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2008291
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130
reference_id 995130
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130
6
reference_url https://security.archlinux.org/AVG-2422
reference_id AVG-2422
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2422
7
reference_url https://access.redhat.com/errata/RHSA-2021:4782
reference_id RHSA-2021:4782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4782
8
reference_url https://access.redhat.com/errata/RHSA-2022:2013
reference_id RHSA-2022:2013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2013
9
reference_url https://usn.ubuntu.com/5666-1/
reference_id USN-5666-1
reference_type
scores
url https://usn.ubuntu.com/5666-1/
10
reference_url https://usn.ubuntu.com/6565-1/
reference_id USN-6565-1
reference_type
scores
url https://usn.ubuntu.com/6565-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-ha8v-pqwf-r3a1
8
vulnerability VCID-hse5-y15y-n3dw
9
vulnerability VCID-kgn5-p8kx-qucj
10
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3
aliases CVE-2021-41617
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fczw-59xy-83c6
3
url VCID-ge2m-my5w-z3eb
vulnerability_id VCID-ge2m-my5w-z3eb
summary 
Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could allow a remote attacker to execute arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28041
reference_id
reference_type
scores
0
value 0.0024
scoring_system epss
scoring_elements 0.46999
published_at 2026-04-01T12:55:00Z
1
value 0.0024
scoring_system epss
scoring_elements 0.47044
published_at 2026-04-24T12:55:00Z
2
value 0.0024
scoring_system epss
scoring_elements 0.47114
published_at 2026-04-16T12:55:00Z
3
value 0.0024
scoring_system epss
scoring_elements 0.47109
published_at 2026-04-18T12:55:00Z
4
value 0.0024
scoring_system epss
scoring_elements 0.47036
published_at 2026-04-02T12:55:00Z
5
value 0.0024
scoring_system epss
scoring_elements 0.47054
published_at 2026-04-04T12:55:00Z
6
value 0.0024
scoring_system epss
scoring_elements 0.47002
published_at 2026-04-07T12:55:00Z
7
value 0.0024
scoring_system epss
scoring_elements 0.47057
published_at 2026-04-21T12:55:00Z
8
value 0.0024
scoring_system epss
scoring_elements 0.47053
published_at 2026-04-09T12:55:00Z
9
value 0.0024
scoring_system epss
scoring_elements 0.47077
published_at 2026-04-11T12:55:00Z
10
value 0.0024
scoring_system epss
scoring_elements 0.47051
published_at 2026-04-12T12:55:00Z
11
value 0.0024
scoring_system epss
scoring_elements 0.47058
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28041
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1935055
reference_id 1935055
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1935055
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940
reference_id 984940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940
6
reference_url https://security.archlinux.org/ASA-202103-6
reference_id ASA-202103-6
reference_type
scores
url https://security.archlinux.org/ASA-202103-6
7
reference_url https://security.archlinux.org/AVG-1657
reference_id AVG-1657
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1657
8
reference_url https://security.gentoo.org/glsa/202105-35
reference_id GLSA-202105-35
reference_type
scores
url https://security.gentoo.org/glsa/202105-35
9
reference_url https://usn.ubuntu.com/4762-1/
reference_id USN-4762-1
reference_type
scores
url https://usn.ubuntu.com/4762-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-ha8v-pqwf-r3a1
8
vulnerability VCID-hse5-y15y-n3dw
9
vulnerability VCID-kgn5-p8kx-qucj
10
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3
aliases CVE-2021-28041
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2m-my5w-z3eb
4
url VCID-jzn6-bzzf-nugp
vulnerability_id VCID-jzn6-bzzf-nugp
summary 
Improper Validation of Integrity Check Value
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
references
0
reference_url http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-48795
reference_id
reference_type
scores
0
value 0.53559
scoring_system epss
scoring_elements 0.97994
published_at 2026-04-24T12:55:00Z
1
value 0.5673
scoring_system epss
scoring_elements 0.98123
published_at 2026-04-08T12:55:00Z
2
value 0.5673
scoring_system epss
scoring_elements 0.98136
published_at 2026-04-18T12:55:00Z
3
value 0.5673
scoring_system epss
scoring_elements 0.98118
published_at 2026-04-04T12:55:00Z
4
value 0.5673
scoring_system epss
scoring_elements 0.98119
published_at 2026-04-07T12:55:00Z
5
value 0.5673
scoring_system epss
scoring_elements 0.98124
published_at 2026-04-09T12:55:00Z
6
value 0.5673
scoring_system epss
scoring_elements 0.98114
published_at 2026-04-02T12:55:00Z
7
value 0.5673
scoring_system epss
scoring_elements 0.98128
published_at 2026-04-12T12:55:00Z
8
value 0.5673
scoring_system epss
scoring_elements 0.98129
published_at 2026-04-13T12:55:00Z
9
value 0.5673
scoring_system epss
scoring_elements 0.98134
published_at 2026-04-16T12:55:00Z
10
value 0.61084
scoring_system epss
scoring_elements 0.98316
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-48795
3
reference_url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack
4
reference_url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
5
reference_url https://bugs.gentoo.org/920280
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugs.gentoo.org/920280
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2254210
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2254210
7
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1217950
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1217950
8
reference_url https://crates.io/crates/thrussh/versions
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://crates.io/crates/thrussh/versions
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918
13
reference_url http://seclists.org/fulldisclosure/2024/Mar/21
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://seclists.org/fulldisclosure/2024/Mar/21
14
reference_url https://filezilla-project.org/versions.php
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://filezilla-project.org/versions.php
15
reference_url https://forum.netgate.com/topic/184941/terrapin-ssh-attack
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://forum.netgate.com/topic/184941/terrapin-ssh-attack
16
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
17
reference_url https://github.com/apache/mina-sshd/issues/445
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/apache/mina-sshd/issues/445
18
reference_url https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
19
reference_url https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
20
reference_url https://github.com/cyd01/KiTTY/issues/520
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/cyd01/KiTTY/issues/520
21
reference_url https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
22
reference_url https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
23
reference_url https://github.com/erlang/otp/releases/tag/OTP-26.2.1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/erlang/otp/releases/tag/OTP-26.2.1
24
reference_url https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
25
reference_url https://github.com/hierynomus/sshj/issues/916
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/hierynomus/sshj/issues/916
26
reference_url https://github.com/janmojzis/tinyssh/issues/81
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/janmojzis/tinyssh/issues/81
27
reference_url https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
28
reference_url https://github.com/libssh2/libssh2/pull/1291
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/libssh2/libssh2/pull/1291
29
reference_url https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
30
reference_url https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
31
reference_url https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
32
reference_url https://github.com/mwiede/jsch/issues/457
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/issues/457
33
reference_url https://github.com/mwiede/jsch/pull/461
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/pull/461
34
reference_url https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
35
reference_url https://github.com/NixOS/nixpkgs/pull/275249
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/NixOS/nixpkgs/pull/275249
36
reference_url https://github.com/openssh/openssh-portable/commits/master
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/openssh/openssh-portable/commits/master
37
reference_url https://github.com/paramiko/paramiko/issues/2337
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/paramiko/paramiko/issues/2337
38
reference_url https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773
39
reference_url https://github.com/PowerShell/Win32-OpenSSH/issues/2189
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/PowerShell/Win32-OpenSSH/issues/2189
40
reference_url https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
41
reference_url https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
42
reference_url https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
43
reference_url https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
44
reference_url https://github.com/proftpd/proftpd/issues/456
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/issues/456
45
reference_url https://github.com/rapier1/hpn-ssh/releases
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/rapier1/hpn-ssh/releases
46
reference_url https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
47
reference_url https://github.com/ronf/asyncssh/tags
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ronf/asyncssh/tags
48
reference_url https://github.com/ssh-mitm/ssh-mitm/issues/165
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ssh-mitm/ssh-mitm/issues/165
49
reference_url https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
50
reference_url https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
51
reference_url https://github.com/warp-tech/russh
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh
52
reference_url https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951
53
reference_url https://github.com/warp-tech/russh/releases/tag/v0.40.2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/warp-tech/russh/releases/tag/v0.40.2
54
reference_url https://gitlab.com/libssh/libssh-mirror/-/tags
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://gitlab.com/libssh/libssh-mirror/-/tags
55
reference_url https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
56
reference_url https://go.dev/cl/550715
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/550715
57
reference_url https://go.dev/issue/64784
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/64784
58
reference_url https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
59
reference_url https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
60
reference_url https://help.panic.com/releasenotes/transmit5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://help.panic.com/releasenotes/transmit5
61
reference_url https://help.panic.com/releasenotes/transmit5/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://help.panic.com/releasenotes/transmit5/
62
reference_url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795
63
reference_url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
64
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
65
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html
66
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html
67
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html
68
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
69
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html
70
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
71
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
72
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS
73
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
74
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
75
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/
76
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
77
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
78
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/
79
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
80
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y
83
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/
84
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
85
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
86
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
87
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD
88
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/
89
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
90
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
91
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
92
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/
93
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7
94
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/
95
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
96
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
97
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
98
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
99
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
100
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
101
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
102
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
103
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
104
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
105
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
106
reference_url https://matt.ucc.asn.au/dropbear/CHANGES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://matt.ucc.asn.au/dropbear/CHANGES
107
reference_url https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
108
reference_url https://news.ycombinator.com/item?id=38684904
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38684904
109
reference_url https://news.ycombinator.com/item?id=38685286
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38685286
110
reference_url https://news.ycombinator.com/item?id=38732005
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38732005
111
reference_url https://nova.app/releases/#v11.8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://nova.app/releases/#v11.8
112
reference_url https://oryx-embedded.com/download/#changelog
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://oryx-embedded.com/download/#changelog
113
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
114
reference_url https://roumenpetrov.info/secsh/#news20231220
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://roumenpetrov.info/secsh/#news20231220
115
reference_url https://security.gentoo.org/glsa/202312-16
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.gentoo.org/glsa/202312-16
116
reference_url https://security.gentoo.org/glsa/202312-17
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.gentoo.org/glsa/202312-17
117
reference_url https://security.netapp.com/advisory/ntap-20240105-0004
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240105-0004
118
reference_url https://security-tracker.debian.org/tracker/source-package/libssh2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/libssh2
119
reference_url https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
120
reference_url https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
121
reference_url https://support.apple.com/kb/HT214084
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://support.apple.com/kb/HT214084
122
reference_url https://twitter.com/TrueSkrillor/status/1736774389725565005
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://twitter.com/TrueSkrillor/status/1736774389725565005
123
reference_url https://winscp.net/eng/docs/history#6.2.2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://winscp.net/eng/docs/history#6.2.2
124
reference_url https://www.bitvise.com/ssh-client-version-history#933
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.bitvise.com/ssh-client-version-history#933
125
reference_url https://www.bitvise.com/ssh-server-version-history
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.bitvise.com/ssh-server-version-history
126
reference_url https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
127
reference_url https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
128
reference_url https://www.debian.org/security/2023/dsa-5586
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.debian.org/security/2023/dsa-5586
129
reference_url https://www.debian.org/security/2023/dsa-5588
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.debian.org/security/2023/dsa-5588
130
reference_url https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
131
reference_url https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
132
reference_url https://www.netsarang.com/en/xshell-update-history
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.netsarang.com/en/xshell-update-history
133
reference_url https://www.netsarang.com/en/xshell-update-history/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.netsarang.com/en/xshell-update-history/
134
reference_url https://www.openssh.com/openbsd.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openssh.com/openbsd.html
135
reference_url https://www.openssh.com/txt/release-9.6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openssh.com/txt/release-9.6
136
reference_url https://www.openwall.com/lists/oss-security/2023/12/18/2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openwall.com/lists/oss-security/2023/12/18/2
137
reference_url https://www.openwall.com/lists/oss-security/2023/12/20/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openwall.com/lists/oss-security/2023/12/20/3
138
reference_url https://www.paramiko.org/changelog.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.paramiko.org/changelog.html
139
reference_url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed
140
reference_url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
141
reference_url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795
142
reference_url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
143
reference_url https://www.terrapin-attack.com
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.terrapin-attack.com
144
reference_url https://www.theregister.com/2023/12/20/terrapin_attack_ssh
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.theregister.com/2023/12/20/terrapin_attack_ssh
145
reference_url https://www.vandyke.com/products/securecrt/history.txt
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.vandyke.com/products/securecrt/history.txt
146
reference_url http://www.openwall.com/lists/oss-security/2023/12/18/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/18/3
147
reference_url http://www.openwall.com/lists/oss-security/2023/12/19/5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/19/5
148
reference_url http://www.openwall.com/lists/oss-security/2023/12/20/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/20/3
149
reference_url http://www.openwall.com/lists/oss-security/2024/03/06/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2024/03/06/3
150
reference_url http://www.openwall.com/lists/oss-security/2024/04/17/8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2024/04/17/8
151
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001
reference_id 1059001
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001
152
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002
reference_id 1059002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002
153
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003
reference_id 1059003
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003
154
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004
reference_id 1059004
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004
155
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005
reference_id 1059005
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005
156
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006
reference_id 1059006
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006
157
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007
reference_id 1059007
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007
158
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058
reference_id 1059058
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058
159
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144
reference_id 1059144
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144
160
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290
reference_id 1059290
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290
161
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294
reference_id 1059294
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294
162
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/
reference_id 33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/
163
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/
reference_id 3CAYYW35MUTNO65RVAELICTNZZFMT2XS
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/
164
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/
reference_id 3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/
165
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/
reference_id 6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/
166
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/
reference_id BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/
167
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/
reference_id C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/
168
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/
reference_id CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/
169
reference_url https://access.redhat.com/security/cve/cve-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://access.redhat.com/security/cve/cve-2023-48795
170
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-48795
171
reference_url https://security-tracker.debian.org/tracker/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/CVE-2023-48795
172
reference_url https://ubuntu.com/security/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://ubuntu.com/security/CVE-2023-48795
173
reference_url https://thorntech.com/cve-2023-48795-and-sftp-gateway
reference_id CVE-2023-48795-AND-SFTP-GATEWAY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://thorntech.com/cve-2023-48795-and-sftp-gateway
174
reference_url https://thorntech.com/cve-2023-48795-and-sftp-gateway/
reference_id CVE-2023-48795-AND-SFTP-GATEWAY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://thorntech.com/cve-2023-48795-and-sftp-gateway/
175
reference_url https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit
reference_id CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit
176
reference_url https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability
reference_id CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability
177
reference_url https://github.com/advisories/GHSA-45x7-px36-x8w8
reference_id GHSA-45x7-px36-x8w8
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/advisories/GHSA-45x7-px36-x8w8
178
reference_url https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8
reference_id GHSA-45x7-px36-x8w8
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8
179
reference_url https://security.gentoo.org/glsa/202407-11
reference_id GLSA-202407-11
reference_type
scores
url https://security.gentoo.org/glsa/202407-11
180
reference_url https://security.gentoo.org/glsa/202407-12
reference_id GLSA-202407-12
reference_type
scores
url https://security.gentoo.org/glsa/202407-12
181
reference_url https://security.gentoo.org/glsa/202509-06
reference_id GLSA-202509-06
reference_type
scores
url https://security.gentoo.org/glsa/202509-06
182
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/
reference_id HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/
183
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/
reference_id I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/
184
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/
reference_id KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/
185
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/
reference_id L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/
186
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/
reference_id LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/
187
reference_url https://security.netapp.com/advisory/ntap-20240105-0004/
reference_id ntap-20240105-0004
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.netapp.com/advisory/ntap-20240105-0004/
188
reference_url https://access.redhat.com/errata/RHSA-2023:7197
reference_id RHSA-2023:7197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7197
189
reference_url https://access.redhat.com/errata/RHSA-2023:7198
reference_id RHSA-2023:7198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7198
190
reference_url https://access.redhat.com/errata/RHSA-2023:7201
reference_id RHSA-2023:7201
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7201
191
reference_url https://access.redhat.com/errata/RHSA-2024:0040
reference_id RHSA-2024:0040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0040
192
reference_url https://access.redhat.com/errata/RHSA-2024:0429
reference_id RHSA-2024:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0429
193
reference_url https://access.redhat.com/errata/RHSA-2024:0455
reference_id RHSA-2024:0455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0455
194
reference_url https://access.redhat.com/errata/RHSA-2024:0499
reference_id RHSA-2024:0499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0499
195
reference_url https://access.redhat.com/errata/RHSA-2024:0538
reference_id RHSA-2024:0538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0538
196
reference_url https://access.redhat.com/errata/RHSA-2024:0594
reference_id RHSA-2024:0594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0594
197
reference_url https://access.redhat.com/errata/RHSA-2024:0606
reference_id RHSA-2024:0606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0606
198
reference_url https://access.redhat.com/errata/RHSA-2024:0625
reference_id RHSA-2024:0625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0625
199
reference_url https://access.redhat.com/errata/RHSA-2024:0628
reference_id RHSA-2024:0628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0628
200
reference_url https://access.redhat.com/errata/RHSA-2024:0766
reference_id RHSA-2024:0766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0766
201
reference_url https://access.redhat.com/errata/RHSA-2024:0789
reference_id RHSA-2024:0789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0789
202
reference_url https://access.redhat.com/errata/RHSA-2024:0843
reference_id RHSA-2024:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0843
203
reference_url https://access.redhat.com/errata/RHSA-2024:0880
reference_id RHSA-2024:0880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0880
204
reference_url https://access.redhat.com/errata/RHSA-2024:0954
reference_id RHSA-2024:0954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0954
205
reference_url https://access.redhat.com/errata/RHSA-2024:1130
reference_id RHSA-2024:1130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1130
206
reference_url https://access.redhat.com/errata/RHSA-2024:1150
reference_id RHSA-2024:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1150
207
reference_url https://access.redhat.com/errata/RHSA-2024:1192
reference_id RHSA-2024:1192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1192
208
reference_url https://access.redhat.com/errata/RHSA-2024:1193
reference_id RHSA-2024:1193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1193
209
reference_url https://access.redhat.com/errata/RHSA-2024:1196
reference_id RHSA-2024:1196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1196
210
reference_url https://access.redhat.com/errata/RHSA-2024:1197
reference_id RHSA-2024:1197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1197
211
reference_url https://access.redhat.com/errata/RHSA-2024:1210
reference_id RHSA-2024:1210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1210
212
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
213
reference_url https://access.redhat.com/errata/RHSA-2024:1557
reference_id RHSA-2024:1557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1557
214
reference_url https://access.redhat.com/errata/RHSA-2024:1859
reference_id RHSA-2024:1859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1859
215
reference_url https://access.redhat.com/errata/RHSA-2024:2728
reference_id RHSA-2024:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2728
216
reference_url https://access.redhat.com/errata/RHSA-2024:2735
reference_id RHSA-2024:2735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2735
217
reference_url https://access.redhat.com/errata/RHSA-2024:2768
reference_id RHSA-2024:2768
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2768
218
reference_url https://access.redhat.com/errata/RHSA-2024:2988
reference_id RHSA-2024:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2988
219
reference_url https://access.redhat.com/errata/RHSA-2024:3479
reference_id RHSA-2024:3479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3479
220
reference_url https://access.redhat.com/errata/RHSA-2024:3634
reference_id RHSA-2024:3634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3634
221
reference_url https://access.redhat.com/errata/RHSA-2024:3635
reference_id RHSA-2024:3635
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3635
222
reference_url https://access.redhat.com/errata/RHSA-2024:3636
reference_id RHSA-2024:3636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3636
223
reference_url https://access.redhat.com/errata/RHSA-2024:3918
reference_id RHSA-2024:3918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3918
224
reference_url https://access.redhat.com/errata/RHSA-2024:4010
reference_id RHSA-2024:4010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4010
225
reference_url https://access.redhat.com/errata/RHSA-2024:4151
reference_id RHSA-2024:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4151
226
reference_url https://access.redhat.com/errata/RHSA-2024:4329
reference_id RHSA-2024:4329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4329
227
reference_url https://access.redhat.com/errata/RHSA-2024:4479
reference_id RHSA-2024:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4479
228
reference_url https://access.redhat.com/errata/RHSA-2024:4484
reference_id RHSA-2024:4484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4484
229
reference_url https://access.redhat.com/errata/RHSA-2024:4597
reference_id RHSA-2024:4597
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4597
230
reference_url https://access.redhat.com/errata/RHSA-2024:4662
reference_id RHSA-2024:4662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4662
231
reference_url https://access.redhat.com/errata/RHSA-2024:4955
reference_id RHSA-2024:4955
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4955
232
reference_url https://access.redhat.com/errata/RHSA-2024:4959
reference_id RHSA-2024:4959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4959
233
reference_url https://access.redhat.com/errata/RHSA-2024:5200
reference_id RHSA-2024:5200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5200
234
reference_url https://access.redhat.com/errata/RHSA-2024:5432
reference_id RHSA-2024:5432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5432
235
reference_url https://access.redhat.com/errata/RHSA-2024:5433
reference_id RHSA-2024:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5433
236
reference_url https://access.redhat.com/errata/RHSA-2024:5438
reference_id RHSA-2024:5438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5438
237
reference_url https://access.redhat.com/errata/RHSA-2024:8235
reference_id RHSA-2024:8235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8235
238
reference_url https://access.redhat.com/errata/RHSA-2025:4664
reference_id RHSA-2025:4664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4664
239
reference_url https://usn.ubuntu.com/6560-1/
reference_id USN-6560-1
reference_type
scores
url https://usn.ubuntu.com/6560-1/
240
reference_url https://usn.ubuntu.com/6560-2/
reference_id USN-6560-2
reference_type
scores
url https://usn.ubuntu.com/6560-2/
241
reference_url https://usn.ubuntu.com/6561-1/
reference_id USN-6561-1
reference_type
scores
url https://usn.ubuntu.com/6561-1/
242
reference_url https://usn.ubuntu.com/6585-1/
reference_id USN-6585-1
reference_type
scores
url https://usn.ubuntu.com/6585-1/
243
reference_url https://usn.ubuntu.com/6589-1/
reference_id USN-6589-1
reference_type
scores
url https://usn.ubuntu.com/6589-1/
244
reference_url https://usn.ubuntu.com/6598-1/
reference_id USN-6598-1
reference_type
scores
url https://usn.ubuntu.com/6598-1/
245
reference_url https://usn.ubuntu.com/6738-1/
reference_id USN-6738-1
reference_type
scores
url https://usn.ubuntu.com/6738-1/
246
reference_url https://usn.ubuntu.com/7051-1/
reference_id USN-7051-1
reference_type
scores
url https://usn.ubuntu.com/7051-1/
247
reference_url https://usn.ubuntu.com/7292-1/
reference_id USN-7292-1
reference_type
scores
url https://usn.ubuntu.com/7292-1/
248
reference_url https://usn.ubuntu.com/7297-1/
reference_id USN-7297-1
reference_type
scores
url https://usn.ubuntu.com/7297-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-ha8v-pqwf-r3a1
8
vulnerability VCID-hse5-y15y-n3dw
9
vulnerability VCID-kgn5-p8kx-qucj
10
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3
aliases CVE-2023-48795, GHSA-45x7-px36-x8w8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jzn6-bzzf-nugp
5
url VCID-ubjj-qb2c-n3d4
vulnerability_id VCID-ubjj-qb2c-n3d4
summary 
An integer overflow in OpenSSH might allow an attacker to execute
    arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16905
reference_id
reference_type
scores
0
value 0.00271
scoring_system epss
scoring_elements 0.5048
published_at 2026-04-01T12:55:00Z
1
value 0.00271
scoring_system epss
scoring_elements 0.50537
published_at 2026-04-02T12:55:00Z
2
value 0.00271
scoring_system epss
scoring_elements 0.50564
published_at 2026-04-04T12:55:00Z
3
value 0.00271
scoring_system epss
scoring_elements 0.50518
published_at 2026-04-07T12:55:00Z
4
value 0.00271
scoring_system epss
scoring_elements 0.50573
published_at 2026-04-08T12:55:00Z
5
value 0.00271
scoring_system epss
scoring_elements 0.50569
published_at 2026-04-09T12:55:00Z
6
value 0.00271
scoring_system epss
scoring_elements 0.50612
published_at 2026-04-11T12:55:00Z
7
value 0.00271
scoring_system epss
scoring_elements 0.50588
published_at 2026-04-12T12:55:00Z
8
value 0.00271
scoring_system epss
scoring_elements 0.50574
published_at 2026-04-13T12:55:00Z
9
value 0.00271
scoring_system epss
scoring_elements 0.50616
published_at 2026-04-16T12:55:00Z
10
value 0.00271
scoring_system epss
scoring_elements 0.5062
published_at 2026-04-18T12:55:00Z
11
value 0.00271
scoring_system epss
scoring_elements 0.50599
published_at 2026-04-21T12:55:00Z
12
value 0.00271
scoring_system epss
scoring_elements 0.50548
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16905
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1767966
reference_id 1767966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1767966
4
reference_url https://security.gentoo.org/glsa/201911-01
reference_id GLSA-201911-01
reference_type
scores
url https://security.gentoo.org/glsa/201911-01
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-ha8v-pqwf-r3a1
8
vulnerability VCID-hse5-y15y-n3dw
9
vulnerability VCID-kgn5-p8kx-qucj
10
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3
aliases CVE-2019-16905
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ubjj-qb2c-n3d4
6
url VCID-zncv-645p-f3gn
vulnerability_id VCID-zncv-645p-f3gn
summary Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38408.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38408.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38408
reference_id
reference_type
scores
0
value 0.64352
scoring_system epss
scoring_elements 0.98452
published_at 2026-04-18T12:55:00Z
1
value 0.64352
scoring_system epss
scoring_elements 0.98457
published_at 2026-04-24T12:55:00Z
2
value 0.64352
scoring_system epss
scoring_elements 0.98447
published_at 2026-04-13T12:55:00Z
3
value 0.64352
scoring_system epss
scoring_elements 0.98448
published_at 2026-04-12T12:55:00Z
4
value 0.64352
scoring_system epss
scoring_elements 0.98445
published_at 2026-04-09T12:55:00Z
5
value 0.64352
scoring_system epss
scoring_elements 0.98443
published_at 2026-04-08T12:55:00Z
6
value 0.66852
scoring_system epss
scoring_elements 0.98543
published_at 2026-04-07T12:55:00Z
7
value 0.67693
scoring_system epss
scoring_elements 0.98586
published_at 2026-04-21T12:55:00Z
8
value 0.69995
scoring_system epss
scoring_elements 0.98662
published_at 2026-04-04T12:55:00Z
9
value 0.69995
scoring_system epss
scoring_elements 0.98659
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38408
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042460
reference_id 1042460
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042460
5
reference_url http://www.openwall.com/lists/oss-security/2023/09/22/11
reference_id 11
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://www.openwall.com/lists/oss-security/2023/09/22/11
6
reference_url http://www.openwall.com/lists/oss-security/2023/07/20/2
reference_id 2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://www.openwall.com/lists/oss-security/2023/07/20/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2224173
reference_id 2224173
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2224173
8
reference_url https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8
reference_id 7bc29a9d5cd697290aa056e94ecee6253d3425f8
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8
9
reference_url http://www.openwall.com/lists/oss-security/2023/09/22/9
reference_id 9
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://www.openwall.com/lists/oss-security/2023/09/22/9
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/
reference_id CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/
11
reference_url https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent
reference_id cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent
12
reference_url https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408
reference_id exploring-opensshs-agent-forwarding-rce-cve-2023-38408
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408
13
reference_url https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d
reference_id f03a4faa55c4ce0818324701dadbf91988d7351d
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d
14
reference_url https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca
reference_id f8f5a6b003981bb824329dc987d101977beda7ca
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca
15
reference_url https://security.gentoo.org/glsa/202307-01
reference_id GLSA-202307-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://security.gentoo.org/glsa/202307-01
16
reference_url https://support.apple.com/kb/HT213940
reference_id HT213940
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://support.apple.com/kb/HT213940
17
reference_url https://news.ycombinator.com/item?id=36790196
reference_id item?id=36790196
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://news.ycombinator.com/item?id=36790196
18
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html
reference_id msg00021.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html
19
reference_url https://security.netapp.com/advisory/ntap-20230803-0010/
reference_id ntap-20230803-0010
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://security.netapp.com/advisory/ntap-20230803-0010/
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/
reference_id RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/
21
reference_url https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
reference_id rce-openssh-forwarded-ssh-agent.txt
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
22
reference_url https://www.openssh.com/txt/release-9.3p2
reference_id release-9.3p2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.openssh.com/txt/release-9.3p2
23
reference_url https://access.redhat.com/errata/RHSA-2023:4329
reference_id RHSA-2023:4329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4329
24
reference_url https://access.redhat.com/errata/RHSA-2023:4381
reference_id RHSA-2023:4381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4381
25
reference_url https://access.redhat.com/errata/RHSA-2023:4382
reference_id RHSA-2023:4382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4382
26
reference_url https://access.redhat.com/errata/RHSA-2023:4383
reference_id RHSA-2023:4383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4383
27
reference_url https://access.redhat.com/errata/RHSA-2023:4384
reference_id RHSA-2023:4384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4384
28
reference_url https://access.redhat.com/errata/RHSA-2023:4412
reference_id RHSA-2023:4412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4412
29
reference_url https://access.redhat.com/errata/RHSA-2023:4413
reference_id RHSA-2023:4413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4413
30
reference_url https://access.redhat.com/errata/RHSA-2023:4419
reference_id RHSA-2023:4419
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4419
31
reference_url https://access.redhat.com/errata/RHSA-2023:4428
reference_id RHSA-2023:4428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4428
32
reference_url https://access.redhat.com/errata/RHSA-2023:4889
reference_id RHSA-2023:4889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4889
33
reference_url https://www.openssh.com/security.html
reference_id security.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.openssh.com/security.html
34
reference_url https://usn.ubuntu.com/6242-1/
reference_id USN-6242-1
reference_type
scores
url https://usn.ubuntu.com/6242-1/
35
reference_url https://usn.ubuntu.com/6242-2/
reference_id USN-6242-2
reference_type
scores
url https://usn.ubuntu.com/6242-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-ha8v-pqwf-r3a1
8
vulnerability VCID-hse5-y15y-n3dw
9
vulnerability VCID-kgn5-p8kx-qucj
10
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3
aliases CVE-2023-38408
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zncv-645p-f3gn
Risk_score3.7
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3