Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/571192?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/571192?format=api", "purl": "pkg:deb/debian/putty@0.58-1", "type": "deb", "namespace": "debian", "name": "putty", "version": "0.58-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "0.74-1+deb11u2", "latest_non_vulnerable_version": "0.74-1+deb11u2", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50594?format=api", "vulnerability_id": "VCID-24cg-zw49-b3ab", "summary": "Multiple vulnerabilities have been discovered in PuTTY, the worst of which could lead to compromised keys.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.9536", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95374", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95353", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.9537", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.19221", "scoring_system": "epss", "scoring_elements": "0.95361", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.19629", "scoring_system": "epss", "scoring_elements": "0.95399", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19629", "scoring_system": "epss", "scoring_elements": "0.95393", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19629", "scoring_system": "epss", "scoring_elements": "0.95403", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497" }, { "reference_url": "https://twitter.com/lambdafu/status/1779969509522133272", "reference_id": "1779969509522133272", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://twitter.com/lambdafu/status/1779969509522133272" }, { "reference_url": "https://twitter.com/CCBalert/status/1780229237569470549", "reference_id": "1780229237569470549", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://twitter.com/CCBalert/status/1780229237569470549" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2024/04/15/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/15/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6" }, { "reference_url": "https://github.com/daedalus/BreakingECDSAwithLLL", "reference_id": "BreakingECDSAwithLLL", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://github.com/daedalus/BreakingECDSAwithLLL" }, { "reference_url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", "reference_id": "Chapter9.html#pageant-forward", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2024-31497", "reference_id": "CVE-2024-31497", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497" }, { "reference_url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", "reference_id": "cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/" }, { "reference_url": "https://github.com/advisories/GHSA-6p4c-r453-8743", "reference_id": "GHSA-6p4c-r453-8743", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://github.com/advisories/GHSA-6p4c-r453-8743" }, { "reference_url": "https://security.gentoo.org/glsa/202407-11", "reference_id": "GLSA-202407-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-11" }, { "reference_url": "https://news.ycombinator.com/item?id=40044665", "reference_id": "item?id=40044665", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://news.ycombinator.com/item?id=40044665" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", "reference_id": "IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/" }, { "reference_url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", "reference_id": "key-generation-and-agent-forwarding-with-putty", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", "reference_id": "MMHILY2K7HQGQRHOC375KRRG2M6625RD", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html" }, { "reference_url": "https://winscp.net/eng/news.php", "reference_id": "news.php", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://winscp.net/eng/news.php" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", "reference_id": "PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/" }, { "reference_url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", "reference_id": "putty.git", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git" }, { "reference_url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", "reference_id": "putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/" }, { "reference_url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", "reference_id": "putty_vulnerability_affecting_v068_to_v08", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864", "reference_id": "show_bug.cgi?id=1222864", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", "reference_id": "show_bug.cgi?id=2275183", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183" }, { "reference_url": "https://tortoisegit.org", "reference_id": "tortoisegit.org", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://tortoisegit.org" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", "reference_id": "vuln-p521-bias.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", "reference_id": "WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", "reference_id": "WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052047?format=api", "purl": "pkg:deb/debian/putty@0.74-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2" } ], "aliases": [ "CVE-2024-31497" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-24cg-zw49-b3ab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94824?format=api", "vulnerability_id": "VCID-5524-rbbb-xydc", "summary": "PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36367", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33168", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33327", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3316", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33203", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33237", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3324", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33175", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33216", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33194", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33295", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-36367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36367" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990901", "reference_id": "990901", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990901" }, { "reference_url": "https://security.archlinux.org/ASA-202107-37", "reference_id": "ASA-202107-37", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202107-37" }, { "reference_url": "https://security.archlinux.org/AVG-2143", "reference_id": "AVG-2143", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2143" }, { "reference_url": "https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa", "reference_id": "putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-22T20:07:50Z/" } ], "url": "https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052047?format=api", "purl": "pkg:deb/debian/putty@0.74-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2" } ], "aliases": [ "CVE-2021-36367" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5524-rbbb-xydc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31705?format=api", "vulnerability_id": "VCID-5c43-x53a-y7bw", "summary": "Multiple vulnerabilities have been found in FileZilla, the worst of\n which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82491", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82505", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82523", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.8252", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82546", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82553", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82571", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82565", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01751", "scoring_system": "epss", "scoring_elements": "0.82596", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779", "reference_id": "718779", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718800", "reference_id": "718800", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718800" }, { "reference_url": "https://security.gentoo.org/glsa/201308-01", "reference_id": "GLSA-201308-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201308-01" }, { "reference_url": "https://security.gentoo.org/glsa/201309-08", "reference_id": "GLSA-201309-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571197?format=api", "purl": "pkg:deb/debian/putty@0.62-9%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-9%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037248?format=api", "purl": "pkg:deb/debian/putty@0.63-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-10" } ], "aliases": [ "CVE-2013-4852" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5c43-x53a-y7bw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79733?format=api", "vulnerability_id": "VCID-8b5g-ajhf-7ydp", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88876", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88878", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88808", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88816", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88832", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88835", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88852", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88858", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88869", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04291", "scoring_system": "epss", "scoring_elements": "0.88865", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Apr/6" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190329-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190329-0002/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190401-0002/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190401-0002/" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4423" }, { "reference_url": "http://www.securityfocus.com/bid/107523", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107523" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9898", "reference_id": "CVE-2019-9898", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9898" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037250?format=api", "purl": "pkg:deb/debian/putty@0.67-3%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052046?format=api", "purl": "pkg:deb/debian/putty@0.70-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6" } ], "aliases": [ "CVE-2019-9898" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8b5g-ajhf-7ydp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31703?format=api", "vulnerability_id": "VCID-8em6-srgn-dbhh", "summary": "Multiple vulnerabilities have been found in FileZilla, the worst of\n which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68796", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68815", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68835", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68865", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68885", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68863", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68905", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00579", "scoring_system": "epss", "scoring_elements": "0.68915", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070", "reference_id": "719070", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070" }, { "reference_url": "https://security.gentoo.org/glsa/201309-08", "reference_id": "GLSA-201309-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571197?format=api", "purl": "pkg:deb/debian/putty@0.62-9%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-9%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037248?format=api", "purl": "pkg:deb/debian/putty@0.63-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-10" } ], "aliases": [ "CVE-2013-4207" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8em6-srgn-dbhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94072?format=api", "vulnerability_id": "VCID-9ss1-k3at-nub5", "summary": "PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17069", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64816", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64805", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64684", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64764", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64726", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64774", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64789", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64806", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64794", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00474", "scoring_system": "epss", "scoring_elements": "0.64767", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17069" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17069", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17069" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html" }, { "reference_url": "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191127-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191127-0003/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17069", "reference_id": "CVE-2019-17069", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17069" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052047?format=api", "purl": "pkg:deb/debian/putty@0.74-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-17069" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ss1-k3at-nub5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49338?format=api", "vulnerability_id": "VCID-a7m1-vrvp-hyap", "summary": "A buffer overflow in PuTTY might allow remote attackers to execute\n arbitrary code or cause a denial of service.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95811", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95806", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.9576", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95769", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95777", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95779", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95788", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95791", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95794", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95795", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.22153", "scoring_system": "epss", "scoring_elements": "0.95796", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6542" }, { "reference_url": "https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8", "reference_id": "", "reference_type": "", "scores": [], "url": "https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8" }, { "reference_url": "https://www.exploit-db.com/exploits/42137/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/42137/" }, { "reference_url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html" }, { "reference_url": "http://www.securityfocus.com/bid/97156", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97156" }, { "reference_url": "http://www.securitytracker.com/id/1038067", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1038067" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857642", "reference_id": "857642", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857642" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42137.txt", "reference_id": "CVE-2017-6542", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42137.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6542", "reference_id": "CVE-2017-6542", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-6542" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html", "reference_id": "CVE-2017-6542", "reference_type": "exploit", "scores": [], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html" }, { "reference_url": "https://security.gentoo.org/glsa/201703-03", "reference_id": "GLSA-201703-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201703-03" }, { "reference_url": "https://security.gentoo.org/glsa/201706-09", "reference_id": "GLSA-201706-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-09" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037250?format=api", "purl": "pkg:deb/debian/putty@0.67-3%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%252Bdeb9u1" } ], "aliases": [ "CVE-2017-6542" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a7m1-vrvp-hyap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79731?format=api", "vulnerability_id": "VCID-aee6-9w9s-mkbe", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75938", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75936", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.7584", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75843", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75875", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75855", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75887", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.759", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75923", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75904", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00915", "scoring_system": "epss", "scoring_elements": "0.75898", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Apr/6" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190404-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190404-0001/" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4423" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9895", "reference_id": "CVE-2019-9895", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9895" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037250?format=api", "purl": "pkg:deb/debian/putty@0.67-3%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052046?format=api", "purl": "pkg:deb/debian/putty@0.70-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6" } ], "aliases": [ "CVE-2019-9895" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aee6-9w9s-mkbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31704?format=api", "vulnerability_id": "VCID-ch3d-pgfs-nfej", "summary": "Multiple vulnerabilities have been found in FileZilla, the worst of\n which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19557", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19699", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19746", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1947", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19549", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19601", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19498", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19464", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19472", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070", "reference_id": "719070", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070" }, { "reference_url": "https://security.gentoo.org/glsa/201309-08", "reference_id": "GLSA-201309-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571197?format=api", "purl": "pkg:deb/debian/putty@0.62-9%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-9%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037248?format=api", "purl": "pkg:deb/debian/putty@0.63-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-10" } ], "aliases": [ "CVE-2013-4208" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ch3d-pgfs-nfej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51287?format=api", "vulnerability_id": "VCID-e979-9hzq-jqba", "summary": "Multiple vulnerabilities have been found in PuTTY, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2563", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.9655", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96538", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96544", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96504", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96513", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96518", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96521", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.9653", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96532", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.28635", "scoring_system": "epss", "scoring_elements": "0.96535", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2563" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2563", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2563" }, { "reference_url": "http://seclists.org/fulldisclosure/2016/Mar/22", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2016/Mar/22" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563" }, { "reference_url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html" }, { "reference_url": "http://www.securityfocus.com/bid/84296", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/84296" }, { "reference_url": "http://www.securitytracker.com/id/1035257", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035257" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816921", "reference_id": "816921", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816921" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/tintinweb/pub/tree/999963dfda3f90f96687272d914967f2364a6651/pocs/cve-2016-2563", "reference_id": "CVE-2016-2563", "reference_type": "exploit", "scores": [], "url": "https://github.com/tintinweb/pub/tree/999963dfda3f90f96687272d914967f2364a6651/pocs/cve-2016-2563" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39551.txt", "reference_id": "CVE-2016-2563", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39551.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2563", "reference_id": "CVE-2016-2563", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2563" }, { "reference_url": "https://security.gentoo.org/glsa/201606-01", "reference_id": "GLSA-201606-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201606-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037250?format=api", "purl": "pkg:deb/debian/putty@0.67-3%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%252Bdeb9u1" } ], "aliases": [ "CVE-2016-2563" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e979-9hzq-jqba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91634?format=api", "vulnerability_id": "VCID-er8w-eu6j-hufw", "summary": "PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.", "references": [ { "reference_url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-7162", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12712", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12845", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12941", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1299", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12792", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1287", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12921", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12885", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12848", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12803", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12707", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-7162" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7162", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7162" }, { "reference_url": "http://secunia.com/advisories/24381", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/24381" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804", "reference_id": "400804", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2006-7162", "reference_id": "CVE-2006-7162", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-7162" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571194?format=api", "purl": "pkg:deb/debian/putty@0.60-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-u8f8-epv8-f3fy" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.60-3" } ], "aliases": [ "CVE-2006-7162" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-er8w-eu6j-hufw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94368?format=api", "vulnerability_id": "VCID-gp2g-u84g-q7c2", "summary": "PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.72995", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73025", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73001", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73038", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.7305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73075", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73054", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73048", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.73091", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00746", "scoring_system": "epss", "scoring_elements": "0.731", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14002" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052047?format=api", "purl": "pkg:deb/debian/putty@0.74-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2" } ], "aliases": [ "CVE-2020-14002" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gp2g-u84g-q7c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20351?format=api", "vulnerability_id": "VCID-jzn6-bzzf-nugp", "summary": "Improper Validation of Integrity Check Value\nThe SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-48795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98128", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98136", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98134", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98129", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98114", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98118", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98119", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98123", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.5673", "scoring_system": "epss", "scoring_elements": "0.98124", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-48795" }, { "reference_url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack" }, { "reference_url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/" }, { "reference_url": "https://bugs.gentoo.org/920280", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://bugs.gentoo.org/920280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254210" }, { "reference_url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1217950" }, { "reference_url": "https://crates.io/crates/thrussh/versions", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://crates.io/crates/thrussh/versions" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Mar/21", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Mar/21" }, { "reference_url": "https://filezilla-project.org/versions.php", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://filezilla-project.org/versions.php" }, { "reference_url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://forum.netgate.com/topic/184941/terrapin-ssh-attack" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/apache/mina-sshd/issues/445", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/apache/mina-sshd/issues/445" }, { "reference_url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab" }, { "reference_url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22" }, { "reference_url": "https://github.com/cyd01/KiTTY/issues/520", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/cyd01/KiTTY/issues/520" }, { "reference_url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6" }, { "reference_url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42" }, { "reference_url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/erlang/otp/releases/tag/OTP-26.2.1" }, { "reference_url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d" }, { "reference_url": "https://github.com/hierynomus/sshj/issues/916", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/hierynomus/sshj/issues/916" }, { "reference_url": "https://github.com/janmojzis/tinyssh/issues/81", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/janmojzis/tinyssh/issues/81" }, { "reference_url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5" }, { "reference_url": "https://github.com/libssh2/libssh2/pull/1291", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/libssh2/libssh2/pull/1291" }, { "reference_url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25" }, { "reference_url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3" }, { "reference_url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15" }, { "reference_url": "https://github.com/mwiede/jsch/issues/457", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mwiede/jsch/issues/457" }, { "reference_url": "https://github.com/mwiede/jsch/pull/461", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/mwiede/jsch/pull/461" }, { "reference_url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16" }, { "reference_url": "https://github.com/NixOS/nixpkgs/pull/275249", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/NixOS/nixpkgs/pull/275249" }, { "reference_url": "https://github.com/openssh/openssh-portable/commits/master", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/openssh/openssh-portable/commits/master" }, { "reference_url": "https://github.com/paramiko/paramiko/issues/2337", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/paramiko/paramiko/issues/2337" }, { "reference_url": "https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773" }, { "reference_url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2189" }, { "reference_url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta" }, { "reference_url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES" }, { "reference_url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES" }, { "reference_url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES" }, { "reference_url": "https://github.com/proftpd/proftpd/issues/456", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/proftpd/proftpd/issues/456" }, { "reference_url": "https://github.com/rapier1/hpn-ssh/releases", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/rapier1/hpn-ssh/releases" }, { "reference_url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst" }, { "reference_url": "https://github.com/ronf/asyncssh/tags", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/ronf/asyncssh/tags" }, { "reference_url": "https://github.com/ssh-mitm/ssh-mitm/issues/165", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/ssh-mitm/ssh-mitm/issues/165" }, { "reference_url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0" }, { "reference_url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1" }, { "reference_url": "https://github.com/warp-tech/russh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/warp-tech/russh" }, { "reference_url": "https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951" }, { "reference_url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/warp-tech/russh/releases/tag/v0.40.2" }, { "reference_url": "https://gitlab.com/libssh/libssh-mirror/-/tags", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://gitlab.com/libssh/libssh-mirror/-/tags" }, { "reference_url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6" }, { "reference_url": "https://go.dev/cl/550715", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/cl/550715" }, { "reference_url": "https://go.dev/issue/64784", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://go.dev/issue/64784" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ" }, { "reference_url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg" }, { "reference_url": "https://help.panic.com/releasenotes/transmit5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://help.panic.com/releasenotes/transmit5" }, { "reference_url": "https://help.panic.com/releasenotes/transmit5/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://help.panic.com/releasenotes/transmit5/" }, { "reference_url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795" }, { "reference_url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB" }, { "reference_url": "https://matt.ucc.asn.au/dropbear/CHANGES", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://matt.ucc.asn.au/dropbear/CHANGES" }, { "reference_url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC" }, { "reference_url": "https://news.ycombinator.com/item?id=38684904", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://news.ycombinator.com/item?id=38684904" }, { "reference_url": "https://news.ycombinator.com/item?id=38685286", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://news.ycombinator.com/item?id=38685286" }, { "reference_url": "https://news.ycombinator.com/item?id=38732005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://news.ycombinator.com/item?id=38732005" }, { "reference_url": "https://nova.app/releases/#v11.8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://nova.app/releases/#v11.8" }, { "reference_url": "https://oryx-embedded.com/download/#changelog", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://oryx-embedded.com/download/#changelog" }, { "reference_url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002" }, { "reference_url": "https://roumenpetrov.info/secsh/#news20231220", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://roumenpetrov.info/secsh/#news20231220" }, { "reference_url": "https://security.gentoo.org/glsa/202312-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security.gentoo.org/glsa/202312-16" }, { "reference_url": "https://security.gentoo.org/glsa/202312-17", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security.gentoo.org/glsa/202312-17" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240105-0004", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://security.netapp.com/advisory/ntap-20240105-0004" }, { "reference_url": "https://security-tracker.debian.org/tracker/source-package/libssh2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/source-package/libssh2" }, { "reference_url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg" }, { "reference_url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2" }, { "reference_url": "https://support.apple.com/kb/HT214084", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://support.apple.com/kb/HT214084" }, { "reference_url": "https://twitter.com/TrueSkrillor/status/1736774389725565005", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://twitter.com/TrueSkrillor/status/1736774389725565005" }, { "reference_url": "https://winscp.net/eng/docs/history#6.2.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://winscp.net/eng/docs/history#6.2.2" }, { "reference_url": "https://www.bitvise.com/ssh-client-version-history#933", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.bitvise.com/ssh-client-version-history#933" }, { "reference_url": "https://www.bitvise.com/ssh-server-version-history", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.bitvise.com/ssh-server-version-history" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "reference_url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5586", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5586" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5588", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5588" }, { "reference_url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc" }, { "reference_url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508" }, { "reference_url": "https://www.netsarang.com/en/xshell-update-history", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.netsarang.com/en/xshell-update-history" }, { "reference_url": "https://www.netsarang.com/en/xshell-update-history/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.netsarang.com/en/xshell-update-history/" }, { "reference_url": "https://www.openssh.com/openbsd.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openssh.com/openbsd.html" }, { "reference_url": "https://www.openssh.com/txt/release-9.6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openssh.com/txt/release-9.6" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/12/18/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/12/18/2" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/12/20/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "reference_url": "https://www.paramiko.org/changelog.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.paramiko.org/changelog.html" }, { "reference_url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed" }, { "reference_url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/" }, { "reference_url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795" }, { "reference_url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/" }, { "reference_url": "https://www.terrapin-attack.com", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.terrapin-attack.com" }, { "reference_url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.theregister.com/2023/12/20/terrapin_attack_ssh" }, { "reference_url": "https://www.vandyke.com/products/securecrt/history.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://www.vandyke.com/products/securecrt/history.txt" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/12/18/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/12/18/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/12/19/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/12/19/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/12/20/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/12/20/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/03/06/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/03/06/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/04/17/8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/04/17/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001", "reference_id": "1059001", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002", "reference_id": "1059002", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003", "reference_id": "1059003", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004", "reference_id": "1059004", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005", "reference_id": "1059005", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006", "reference_id": "1059006", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007", "reference_id": "1059007", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058", "reference_id": "1059058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144", "reference_id": "1059144", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290", "reference_id": "1059290", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294", "reference_id": "1059294", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", "reference_id": "33XHJUB6ROFUOH2OQNENFROTVH6MHSHA", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", "reference_id": "3CAYYW35MUTNO65RVAELICTNZZFMT2XS", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", "reference_id": "3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", "reference_id": "6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", "reference_id": "BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", "reference_id": "C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", "reference_id": "CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://access.redhat.com/security/cve/cve-2023-48795" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-48795" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security-tracker.debian.org/tracker/CVE-2023-48795" }, { "reference_url": "https://ubuntu.com/security/CVE-2023-48795", "reference_id": "CVE-2023-48795", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://ubuntu.com/security/CVE-2023-48795" }, { "reference_url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway", "reference_id": "CVE-2023-48795-AND-SFTP-GATEWAY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway" }, { "reference_url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", "reference_id": "CVE-2023-48795-AND-SFTP-GATEWAY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://thorntech.com/cve-2023-48795-and-sftp-gateway/" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit", "reference_id": "CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit" }, { "reference_url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability", "reference_id": "CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability" }, { "reference_url": "https://github.com/advisories/GHSA-45x7-px36-x8w8", "reference_id": "GHSA-45x7-px36-x8w8", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://github.com/advisories/GHSA-45x7-px36-x8w8" }, { "reference_url": "https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8", "reference_id": "GHSA-45x7-px36-x8w8", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8" }, { "reference_url": "https://security.gentoo.org/glsa/202407-11", "reference_id": "GLSA-202407-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-11" }, { "reference_url": "https://security.gentoo.org/glsa/202407-12", "reference_id": "GLSA-202407-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-12" }, { "reference_url": "https://security.gentoo.org/glsa/202509-06", "reference_id": "GLSA-202509-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-06" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", "reference_id": "HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", "reference_id": "I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", "reference_id": "KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", "reference_id": "L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", "reference_id": "LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240105-0004/", "reference_id": "ntap-20240105-0004", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240105-0004/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7197", "reference_id": "RHSA-2023:7197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7198", "reference_id": "RHSA-2023:7198", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7198" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7201", "reference_id": "RHSA-2023:7201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0040", "reference_id": "RHSA-2024:0040", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0429", "reference_id": "RHSA-2024:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0455", "reference_id": "RHSA-2024:0455", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0499", "reference_id": "RHSA-2024:0499", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0499" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0538", "reference_id": "RHSA-2024:0538", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0538" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0594", "reference_id": "RHSA-2024:0594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0606", "reference_id": "RHSA-2024:0606", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0606" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0625", "reference_id": "RHSA-2024:0625", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0625" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0628", "reference_id": "RHSA-2024:0628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0766", "reference_id": "RHSA-2024:0766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0766" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0789", "reference_id": "RHSA-2024:0789", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0843", "reference_id": "RHSA-2024:0843", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0843" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0880", "reference_id": "RHSA-2024:0880", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0954", "reference_id": "RHSA-2024:0954", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0954" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1130", "reference_id": "RHSA-2024:1130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1150", "reference_id": "RHSA-2024:1150", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1150" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1192", "reference_id": "RHSA-2024:1192", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1193", "reference_id": "RHSA-2024:1193", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1196", "reference_id": "RHSA-2024:1196", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1197", "reference_id": "RHSA-2024:1197", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1197" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1210", "reference_id": "RHSA-2024:1210", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1210" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1383", "reference_id": "RHSA-2024:1383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1557", "reference_id": "RHSA-2024:1557", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1859", "reference_id": "RHSA-2024:1859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2728", "reference_id": "RHSA-2024:2728", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2728" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2735", "reference_id": "RHSA-2024:2735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2735" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2768", "reference_id": "RHSA-2024:2768", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2988", "reference_id": "RHSA-2024:2988", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2988" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3479", "reference_id": "RHSA-2024:3479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3634", "reference_id": "RHSA-2024:3634", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3634" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3635", "reference_id": "RHSA-2024:3635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3635" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3636", "reference_id": "RHSA-2024:3636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3918", "reference_id": "RHSA-2024:3918", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3918" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4010", "reference_id": "RHSA-2024:4010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4151", "reference_id": "RHSA-2024:4151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4329", "reference_id": "RHSA-2024:4329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4479", "reference_id": "RHSA-2024:4479", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4484", "reference_id": "RHSA-2024:4484", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4484" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4597", "reference_id": "RHSA-2024:4597", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4597" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4662", "reference_id": "RHSA-2024:4662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4955", "reference_id": "RHSA-2024:4955", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4959", "reference_id": "RHSA-2024:4959", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5200", "reference_id": "RHSA-2024:5200", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5432", "reference_id": "RHSA-2024:5432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5433", "reference_id": "RHSA-2024:5433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5438", "reference_id": "RHSA-2024:5438", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5438" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8235", "reference_id": "RHSA-2024:8235", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8235" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:4664", "reference_id": "RHSA-2025:4664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:4664" }, { "reference_url": "https://usn.ubuntu.com/6560-1/", "reference_id": "USN-6560-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6560-1/" }, { "reference_url": "https://usn.ubuntu.com/6560-2/", "reference_id": "USN-6560-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6560-2/" }, { "reference_url": "https://usn.ubuntu.com/6561-1/", "reference_id": "USN-6561-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6561-1/" }, { "reference_url": "https://usn.ubuntu.com/6585-1/", "reference_id": "USN-6585-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6585-1/" }, { "reference_url": "https://usn.ubuntu.com/6589-1/", "reference_id": "USN-6589-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6589-1/" }, { "reference_url": "https://usn.ubuntu.com/6598-1/", "reference_id": "USN-6598-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6598-1/" }, { "reference_url": "https://usn.ubuntu.com/6738-1/", "reference_id": "USN-6738-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6738-1/" }, { "reference_url": "https://usn.ubuntu.com/7051-1/", "reference_id": "USN-7051-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7051-1/" }, { "reference_url": "https://usn.ubuntu.com/7292-1/", "reference_id": "USN-7292-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7292-1/" }, { "reference_url": "https://usn.ubuntu.com/7297-1/", "reference_id": "USN-7297-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7297-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052047?format=api", "purl": "pkg:deb/debian/putty@0.74-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2" } ], "aliases": [ "CVE-2023-48795", "GHSA-45x7-px36-x8w8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jzn6-bzzf-nugp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79732?format=api", "vulnerability_id": "VCID-k12n-wx13-9qb6", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83318", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83317", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83213", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83229", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83243", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83276", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83286", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01909", "scoring_system": "epss", "scoring_elements": "0.83281", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Apr/6" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190404-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190404-0001/" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4423" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9897", "reference_id": "CVE-2019-9897", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9897" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037250?format=api", "purl": "pkg:deb/debian/putty@0.67-3%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052046?format=api", "purl": "pkg:deb/debian/putty@0.70-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6" } ], "aliases": [ "CVE-2019-9897" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k12n-wx13-9qb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49703?format=api", "vulnerability_id": "VCID-u8f8-epv8-f3fy", "summary": "Multiple vulnerabilities have been found in Putty, allowing\n attackers to compromise user system", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17532", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17464", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17554", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17613", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17631", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17585", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17485", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4607" }, { "reference_url": "https://security.gentoo.org/glsa/201308-01", "reference_id": "GLSA-201308-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201308-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571197?format=api", "purl": "pkg:deb/debian/putty@0.62-9%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-9%252Bdeb7u3" } ], "aliases": [ "CVE-2011-4607" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8f8-epv8-f3fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79730?format=api", "vulnerability_id": "VCID-v36p-nzg5-xkep", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9894", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75503", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75498", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.754", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75435", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75416", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75459", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75487", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75466", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00887", "scoring_system": "epss", "scoring_elements": "0.75455", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Apr/6", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Apr/6" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20190404-0001/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20190404-0001/" }, { "reference_url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4423" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9894", "reference_id": "CVE-2019-9894", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9894" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037250?format=api", "purl": "pkg:deb/debian/putty@0.67-3%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1052046?format=api", "purl": "pkg:deb/debian/putty@0.70-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6" } ], "aliases": [ "CVE-2019-9894" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v36p-nzg5-xkep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51286?format=api", "vulnerability_id": "VCID-vhrh-78g7-8uf8", "summary": "Multiple vulnerabilities have been found in PuTTY, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82516", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82406", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82421", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82438", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82462", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82487", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82483", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82478", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01736", "scoring_system": "epss", "scoring_elements": "0.82515", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5309" }, { "reference_url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3409", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3409" }, { "reference_url": "http://www.securitytracker.com/id/1034308", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034308" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5309", "reference_id": "CVE-2015-5309", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5309" }, { "reference_url": "https://security.gentoo.org/glsa/201606-01", "reference_id": "GLSA-201606-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201606-01" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571197?format=api", "purl": "pkg:deb/debian/putty@0.62-9%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-9%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037249?format=api", "purl": "pkg:deb/debian/putty@0.63-10%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-10%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037250?format=api", "purl": "pkg:deb/debian/putty@0.67-3%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%252Bdeb9u1" } ], "aliases": [ "CVE-2015-5309" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhrh-78g7-8uf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31702?format=api", "vulnerability_id": "VCID-wkyv-y23r-ubfe", "summary": "Multiple vulnerabilities have been found in FileZilla, the worst of\n which could result in arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78323", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.7833", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78361", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78344", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.7837", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78385", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78378", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78407", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01136", "scoring_system": "epss", "scoring_elements": "0.78406", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070", "reference_id": "719070", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070" }, { "reference_url": "https://security.gentoo.org/glsa/201309-08", "reference_id": "GLSA-201309-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201309-08" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571197?format=api", "purl": "pkg:deb/debian/putty@0.62-9%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-9%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037248?format=api", "purl": "pkg:deb/debian/putty@0.63-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-10" } ], "aliases": [ "CVE-2013-4206" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wkyv-y23r-ubfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59784?format=api", "vulnerability_id": "VCID-wt4y-m5m4-jyat", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31824", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31953", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31996", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31815", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31868", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31896", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.319", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31857", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31838", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2157" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779488", "reference_id": "779488", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779488" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571197?format=api", "purl": "pkg:deb/debian/putty@0.62-9%2Bdeb7u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-5c43-x53a-y7bw" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-8em6-srgn-dbhh" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-ch3d-pgfs-nfej" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-wkyv-y23r-ubfe" }, { "vulnerability": "VCID-wt4y-m5m4-jyat" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-9%252Bdeb7u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037248?format=api", "purl": "pkg:deb/debian/putty@0.63-10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-24cg-zw49-b3ab" }, { "vulnerability": "VCID-5524-rbbb-xydc" }, { "vulnerability": "VCID-8b5g-ajhf-7ydp" }, { "vulnerability": "VCID-9ss1-k3at-nub5" }, { "vulnerability": "VCID-a7m1-vrvp-hyap" }, { "vulnerability": "VCID-aee6-9w9s-mkbe" }, { "vulnerability": "VCID-e979-9hzq-jqba" }, { "vulnerability": "VCID-gp2g-u84g-q7c2" }, { "vulnerability": "VCID-jzn6-bzzf-nugp" }, { "vulnerability": "VCID-k12n-wx13-9qb6" }, { "vulnerability": "VCID-v36p-nzg5-xkep" }, { "vulnerability": "VCID-vhrh-78g7-8uf8" }, { "vulnerability": "VCID-y6nv-z5s2-jqds" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-10" } ], "aliases": [ "CVE-2015-2157" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wt4y-m5m4-jyat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94071?format=api", "vulnerability_id": "VCID-y6nv-z5s2-jqds", "summary": "PuTTY before 0.73 mishandles the \"bracketed paste mode\" protection mechanism, which may allow a session to be affected by malicious clipboard content.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64443", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64328", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64382", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64411", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64372", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.6442", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64436", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64448", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64407", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17068" }, { "reference_url": "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20191127-0003/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security.netapp.com/advisory/ntap-20191127-0003/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17068", "reference_id": "CVE-2019-17068", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17068" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052047?format=api", "purl": "pkg:deb/debian/putty@0.74-1%2Bdeb11u2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2" } ], "aliases": [ "CVE-2019-17068" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6nv-z5s2-jqds" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.58-1" }