Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie

Type deb

Namespace debian

Name libssh

Version 0.9.8-0+deb11u2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.10.5-1

Latest_non_vulnerable_version 0.12.0-3

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-12kz-zuqz-9qgy

vulnerability_id VCID-12kz-zuqz-9qgy

summary libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8114.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8114.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-8114

reference_id

reference_type

scores

value	0.00013
scoring_system	epss
scoring_elements	0.02294
published_at	2026-04-08T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02288
published_at	2026-04-02T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02292
published_at	2026-04-07T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05802
published_at	2026-04-16T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05838
published_at	2026-04-13T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05845
published_at	2026-04-12T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05855
published_at	2026-04-11T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05878
published_at	2026-04-09T12:55:00Z

value	0.00022
scoring_system	epss
scoring_elements	0.05809
published_at	2026-04-18T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08187
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-8114

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8114
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8114

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109860
reference_id	1109860
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109860

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2383220

reference_id

2383220

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2383220

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-8114

reference_id

CVE-2025-8114

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/

url

https://access.redhat.com/security/cve/CVE-2025-8114

reference_url

https://www.libssh.org/security/advisories/CVE-2025-8114.txt

reference_id

CVE-2025-8114.txt

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/

url

https://www.libssh.org/security/advisories/CVE-2025-8114.txt

reference_url

https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d

reference_id

?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/

url

https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d

reference_url

https://git.libssh.org/projects/libssh.git/commit/?id=65f363c9

reference_id

?id=65f363c9

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/

url

https://git.libssh.org/projects/libssh.git/commit/?id=65f363c9

reference_url	https://usn.ubuntu.com/7849-1/
reference_id	USN-7849-1
reference_type
scores
url	https://usn.ubuntu.com/7849-1/

fixed_packages

url pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.11.3-1?distro=trixie
purl	pkg:deb/debian/libssh@0.11.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.3-1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
purl	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie

aliases CVE-2025-8114

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-12kz-zuqz-9qgy

url VCID-72cq-k33t-zbhu

vulnerability_id VCID-72cq-k33t-zbhu

summary libssh: Memory Exhaustion via Repeated Key Exchange in libssh

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8277.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8277.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-8277

reference_id

reference_type

scores

value	0.00052
scoring_system	epss
scoring_elements	0.16343
published_at	2026-04-04T12:55:00Z

value	0.00052
scoring_system	epss
scoring_elements	0.16281
published_at	2026-04-02T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16586
published_at	2026-04-21T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16541
published_at	2026-04-16T12:55:00Z

value	0.00053
scoring_system	epss
scoring_elements	0.16549
published_at	2026-04-18T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.1735
published_at	2026-04-07T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17441
published_at	2026-04-08T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17501
published_at	2026-04-09T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17514
published_at	2026-04-11T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17465
published_at	2026-04-12T12:55:00Z

value	0.00055
scoring_system	epss
scoring_elements	0.17413
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-8277

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8277
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8277

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114859
reference_id	1114859
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114859

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2383888

reference_id

2383888

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-09T19:28:17Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2383888

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-8277

reference_id

CVE-2025-8277

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-09T19:28:17Z/

url

https://access.redhat.com/security/cve/CVE-2025-8277

reference_url	https://usn.ubuntu.com/8051-1/
reference_id	USN-8051-1
reference_type
scores
url	https://usn.ubuntu.com/8051-1/

reference_url	https://usn.ubuntu.com/8051-2/
reference_id	USN-8051-2
reference_type
scores
url	https://usn.ubuntu.com/8051-2/

fixed_packages

url pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.11.3-1?distro=trixie
purl	pkg:deb/debian/libssh@0.11.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.3-1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
purl	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie

aliases CVE-2025-8277

risk_score 1.4

exploitability 0.5

weighted_severity 2.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72cq-k33t-zbhu

url VCID-kek1-z4s4-tudn

vulnerability_id VCID-kek1-z4s4-tudn

summary libssh: Use of uninitialized variable in privatekey_from_file()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4878.json

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4878.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4878

reference_id

reference_type

scores

value	0.0002
scoring_system	epss
scoring_elements	0.05432
published_at	2026-04-02T12:55:00Z

value	0.0002
scoring_system	epss
scoring_elements	0.05466
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07765
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07705
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0767
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07755
published_at	2026-04-13T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07771
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07784
published_at	2026-04-11T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08763
published_at	2026-04-21T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08609
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4878

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4878
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4878

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407
reference_id	1108407
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2376184

reference_id

2376184

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2376184

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-4878

reference_id

CVE-2025-4878

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/

url

https://access.redhat.com/security/cve/CVE-2025-4878

reference_url

https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1

reference_id

?id=697650caa97eaf7623924c75f9fcfec6dd423cd1

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/

url

https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1

reference_url

https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb

reference_id

?id=b35ee876adc92a208d47194772e99f9c71e0bedb

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/

url

https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb

reference_url	https://usn.ubuntu.com/7619-1/
reference_id	USN-7619-1
reference_type
scores
url	https://usn.ubuntu.com/7619-1/

reference_url	https://usn.ubuntu.com/7696-1/
reference_id	USN-7696-1
reference_type
scores
url	https://usn.ubuntu.com/7696-1/

fixed_packages

url pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
purl	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie

url pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
purl	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie

aliases CVE-2025-4878

risk_score 1.6

exploitability 0.5

weighted_severity 3.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kek1-z4s4-tudn

url VCID-t8nv-wfbj-13e5

vulnerability_id VCID-t8nv-wfbj-13e5

summary libssh: Write beyond bounds in binary to base64 conversion functions

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4877.json

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4877.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-4877

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05823
published_at	2026-04-21T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05645
published_at	2026-04-02T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05718
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05744
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05722
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05715
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05709
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05663
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05674
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05686
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05677
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-4877

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4877
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4877

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407
reference_id	1108407
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2376193

reference_id

2376193

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2376193

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-4877

reference_id

CVE-2025-4877

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/

url

https://access.redhat.com/security/cve/CVE-2025-4877

reference_url

https://www.libssh.org/security/advisories/CVE-2025-4877.txt

reference_id

CVE-2025-4877.txt

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/

url

https://www.libssh.org/security/advisories/CVE-2025-4877.txt

reference_url

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d

reference_id

?h=stable-0.11&id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d

reference_type

scores

value	4.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/

url

https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d

reference_url	https://usn.ubuntu.com/7619-1/
reference_id	USN-7619-1
reference_type
scores
url	https://usn.ubuntu.com/7619-1/

reference_url	https://usn.ubuntu.com/7696-1/
reference_id	USN-7696-1
reference_type
scores
url	https://usn.ubuntu.com/7696-1/

fixed_packages

url pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
purl	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie

url pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
purl	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie

aliases CVE-2025-4877

risk_score 2.0

exploitability 0.5

weighted_severity 4.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8nv-wfbj-13e5

url VCID-u5ts-n3fz-nud9

vulnerability_id VCID-u5ts-n3fz-nud9

summary libssh: Incorrect Return Code Handling in ssh_kdf() in libssh

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5372.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5372.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5372

reference_id

reference_type

scores

value	0.00101
scoring_system	epss
scoring_elements	0.2784
published_at	2026-04-09T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27846
published_at	2026-04-11T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27747
published_at	2026-04-13T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27804
published_at	2026-04-12T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27897
published_at	2026-04-02T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27728
published_at	2026-04-18T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27754
published_at	2026-04-16T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27939
published_at	2026-04-04T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.2773
published_at	2026-04-07T12:55:00Z

value	0.00101
scoring_system	epss
scoring_elements	0.27798
published_at	2026-04-08T12:55:00Z

value	0.00109
scoring_system	epss
scoring_elements	0.29136
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5372

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5372
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5372

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407
reference_id	1108407
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2369388

reference_id

2369388

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2369388

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-5372

reference_id

CVE-2025-5372

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/

url

https://access.redhat.com/security/cve/CVE-2025-5372

reference_url

https://access.redhat.com/errata/RHSA-2025:21977

reference_id

RHSA-2025:21977

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/

url

https://access.redhat.com/errata/RHSA-2025:21977

reference_url

https://access.redhat.com/errata/RHSA-2025:23024

reference_id

RHSA-2025:23024

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/

url

https://access.redhat.com/errata/RHSA-2025:23024

reference_url	https://usn.ubuntu.com/7619-1/
reference_id	USN-7619-1
reference_type
scores
url	https://usn.ubuntu.com/7619-1/

fixed_packages

url pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
purl	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie

url pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
purl	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie

aliases CVE-2025-5372

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u5ts-n3fz-nud9

url VCID-wgkw-5cae-s3ej

vulnerability_id VCID-wgkw-5cae-s3ej

summary libssh: out-of-bounds read in sftp_handle()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5318.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5318.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-5318

reference_id

reference_type

scores

value	0.00112
scoring_system	epss
scoring_elements	0.29842
published_at	2026-04-02T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29803
published_at	2026-04-09T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29807
published_at	2026-04-11T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29762
published_at	2026-04-12T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29712
published_at	2026-04-13T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.2973
published_at	2026-04-16T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29708
published_at	2026-04-18T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29888
published_at	2026-04-04T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29704
published_at	2026-04-07T12:55:00Z

value	0.00112
scoring_system	epss
scoring_elements	0.29766
published_at	2026-04-08T12:55:00Z

value	0.00303
scoring_system	epss
scoring_elements	0.5365
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-5318

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5318
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5318

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407
reference_id	1108407
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2369131

reference_id

2369131

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2369131

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9
reference_id	cpe:/a:redhat:ai_inference_server:3.2::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8
reference_id	cpe:/a:redhat:openshift:4.12::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9
reference_id	cpe:/a:redhat:openshift:4.17::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9
reference_id	cpe:/a:redhat:openshift:4.18::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9
reference_id	cpe:/a:redhat:openshift:4.19::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9
reference_id	cpe:/a:redhat:openshift:4.20::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.7::el8
reference_id	cpe:/a:redhat:openshift_distributed_tracing:3.7::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.7::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_aus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_id	cpe:/a:redhat:rhel_e4s:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
reference_id	cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.6::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_tus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0
reference_id	cpe:/o:redhat:enterprise_linux:10.0
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1
reference_id	cpe:/o:redhat:enterprise_linux:10.1
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_aus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_id	cpe:/o:redhat:rhel_e4s:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_id	cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_tus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2025-5318

reference_id

CVE-2025-5318

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/security/cve/CVE-2025-5318

reference_url

https://www.libssh.org/security/advisories/CVE-2025-5318.txt

reference_id

CVE-2025-5318.txt

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://www.libssh.org/security/advisories/CVE-2025-5318.txt

reference_url

https://access.redhat.com/errata/RHSA-2025:18231

reference_id

RHSA-2025:18231

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:18231

reference_url

https://access.redhat.com/errata/RHSA-2025:18275

reference_id

RHSA-2025:18275

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:18275

reference_url

https://access.redhat.com/errata/RHSA-2025:18286

reference_id

RHSA-2025:18286

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:18286

reference_url

https://access.redhat.com/errata/RHSA-2025:19012

reference_id

RHSA-2025:19012

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19012

reference_url

https://access.redhat.com/errata/RHSA-2025:19098

reference_id

RHSA-2025:19098

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19098

reference_url

https://access.redhat.com/errata/RHSA-2025:19101

reference_id

RHSA-2025:19101

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19101

reference_url

https://access.redhat.com/errata/RHSA-2025:19295

reference_id

RHSA-2025:19295

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19295

reference_url

https://access.redhat.com/errata/RHSA-2025:19300

reference_id

RHSA-2025:19300

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19300

reference_url

https://access.redhat.com/errata/RHSA-2025:19313

reference_id

RHSA-2025:19313

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19313

reference_url

https://access.redhat.com/errata/RHSA-2025:19400

reference_id

RHSA-2025:19400

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19400

reference_url

https://access.redhat.com/errata/RHSA-2025:19401

reference_id

RHSA-2025:19401

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19401

reference_url

https://access.redhat.com/errata/RHSA-2025:19470

reference_id

RHSA-2025:19470

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19470

reference_url

https://access.redhat.com/errata/RHSA-2025:19472

reference_id

RHSA-2025:19472

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19472

reference_url

https://access.redhat.com/errata/RHSA-2025:19807

reference_id

RHSA-2025:19807

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19807

reference_url

https://access.redhat.com/errata/RHSA-2025:19864

reference_id

RHSA-2025:19864

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:19864

reference_url

https://access.redhat.com/errata/RHSA-2025:20943

reference_id

RHSA-2025:20943

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:20943

reference_url

https://access.redhat.com/errata/RHSA-2025:21013

reference_id

RHSA-2025:21013

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:21013

reference_url

https://access.redhat.com/errata/RHSA-2025:21329

reference_id

RHSA-2025:21329

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:21329

reference_url

https://access.redhat.com/errata/RHSA-2025:21829

reference_id

RHSA-2025:21829

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:21829

reference_url

https://access.redhat.com/errata/RHSA-2025:23078

reference_id

RHSA-2025:23078

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:23078

reference_url

https://access.redhat.com/errata/RHSA-2025:23079

reference_id

RHSA-2025:23079

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:23079

reference_url

https://access.redhat.com/errata/RHSA-2025:23080

reference_id

RHSA-2025:23080

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2025:23080

reference_url

https://access.redhat.com/errata/RHSA-2026:0326

reference_id

RHSA-2026:0326

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2026:0326

reference_url

https://access.redhat.com/errata/RHSA-2026:1541

reference_id

RHSA-2026:1541

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2026:1541

reference_url

https://access.redhat.com/errata/RHSA-2026:3461

reference_id

RHSA-2026:3461

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2026:3461

reference_url

https://access.redhat.com/errata/RHSA-2026:3462

reference_id

RHSA-2026:3462

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/

url

https://access.redhat.com/errata/RHSA-2026:3462

reference_url	https://usn.ubuntu.com/7619-1/
reference_id	USN-7619-1
reference_type
scores
url	https://usn.ubuntu.com/7619-1/

reference_url	https://usn.ubuntu.com/7696-1/
reference_id	USN-7696-1
reference_type
scores
url	https://usn.ubuntu.com/7696-1/

fixed_packages

url pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

purl pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie

url pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

purl pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
purl	pkg:deb/debian/libssh@0.11.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie

url pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4qxq-4833-s7bd

vulnerability	VCID-8zdu-udyx-qkhu

vulnerability	VCID-hhun-qvy9-pydj

vulnerability	VCID-p6ex-bypb-n3fg

vulnerability	VCID-v97m-zm6x-gfga

vulnerability	VCID-y3hu-uqgn-7uhr

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
purl	pkg:deb/debian/libssh@0.12.0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie

aliases CVE-2025-5318

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wgkw-5cae-s3ej

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie

Package Instance