Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/928730?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/928730?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie", "type": "deb", "namespace": "debian", "name": "libssh", "version": "0.9.8-0+deb11u2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0.10.5-1", "latest_non_vulnerable_version": "0.12.0-3", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68606?format=api", "vulnerability_id": "VCID-12kz-zuqz-9qgy", "summary": "libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8114.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8114.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02294", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02288", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02292", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05838", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05845", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05878", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08076", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08187", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08141", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08105", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8114" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109860", "reference_id": "1109860", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109860" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383220", "reference_id": "2383220", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383220" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-8114", "reference_id": "CVE-2025-8114", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-8114" }, { "reference_url": "https://www.libssh.org/security/advisories/CVE-2025-8114.txt", "reference_id": "CVE-2025-8114.txt", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/" } ], "url": "https://www.libssh.org/security/advisories/CVE-2025-8114.txt" }, { "reference_url": "https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d", "reference_id": "?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/" } ], "url": "https://git.libssh.org/projects/libssh.git/commit/?id=53ac23ded4cb2c5463f6c4cd1525331bd578812d" }, { "reference_url": "https://git.libssh.org/projects/libssh.git/commit/?id=65f363c9", "reference_id": "?id=65f363c9", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-24T15:32:04Z/" } ], "url": "https://git.libssh.org/projects/libssh.git/commit/?id=65f363c9" }, { "reference_url": "https://usn.ubuntu.com/7849-1/", "reference_id": "USN-7849-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7849-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928711?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928730?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928709?format=api", "purl": "pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928713?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928732?format=api", "purl": "pkg:deb/debian/libssh@0.11.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928712?format=api", "purl": "pkg:deb/debian/libssh@0.12.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-8114" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-12kz-zuqz-9qgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68072?format=api", "vulnerability_id": "VCID-72cq-k33t-zbhu", "summary": "libssh: Memory Exhaustion via Repeated Key Exchange in libssh", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8277.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8277.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8277", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16343", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16281", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16427", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16541", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16549", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16586", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16482", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16471", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17514", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17501", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8277" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114859", "reference_id": "1114859", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114859" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383888", "reference_id": "2383888", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-09T19:28:17Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383888" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-8277", "reference_id": "CVE-2025-8277", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-09T19:28:17Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-8277" }, { "reference_url": "https://usn.ubuntu.com/8051-1/", "reference_id": "USN-8051-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8051-1/" }, { "reference_url": "https://usn.ubuntu.com/8051-2/", "reference_id": "USN-8051-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8051-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928711?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928730?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928709?format=api", "purl": "pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928713?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928732?format=api", "purl": "pkg:deb/debian/libssh@0.11.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928712?format=api", "purl": "pkg:deb/debian/libssh@0.12.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-8277" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72cq-k33t-zbhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68998?format=api", "vulnerability_id": "VCID-kek1-z4s4-tudn", "summary": "libssh: Use of uninitialized variable in privatekey_from_file()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4878.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4878.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4878", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05466", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05432", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07705", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0767", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07755", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07771", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07784", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08732", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08609", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08763", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08774", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08728", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4878" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407", "reference_id": "1108407", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376184", "reference_id": "2376184", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376184" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4878", "reference_id": "CVE-2025-4878", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4878" }, { "reference_url": "https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1", "reference_id": "?id=697650caa97eaf7623924c75f9fcfec6dd423cd1", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/" } ], "url": "https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1" }, { "reference_url": "https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb", "reference_id": "?id=b35ee876adc92a208d47194772e99f9c71e0bedb", "reference_type": "", "scores": [ { "value": "3.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-22T14:34:47Z/" } ], "url": "https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb" }, { "reference_url": "https://usn.ubuntu.com/7619-1/", "reference_id": "USN-7619-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7619-1/" }, { "reference_url": "https://usn.ubuntu.com/7696-1/", "reference_id": "USN-7696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7696-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928711?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928730?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928709?format=api", "purl": "pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928731?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928713?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928712?format=api", "purl": "pkg:deb/debian/libssh@0.12.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4878" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kek1-z4s4-tudn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68999?format=api", "vulnerability_id": "VCID-t8nv-wfbj-13e5", "summary": "libssh: Write beyond bounds in binary to base64 conversion functions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4877.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05718", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05744", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05715", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05709", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05663", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05674", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05823", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05855", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05686", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06338", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06349", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4877" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407", "reference_id": "1108407", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376193", "reference_id": "2376193", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376193" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-4877", "reference_id": "CVE-2025-4877", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-4877" }, { "reference_url": "https://www.libssh.org/security/advisories/CVE-2025-4877.txt", "reference_id": "CVE-2025-4877.txt", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/" } ], "url": "https://www.libssh.org/security/advisories/CVE-2025-4877.txt" }, { "reference_url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d", "reference_id": "?h=stable-0.11&id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-20T15:14:29Z/" } ], "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11&id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d" }, { "reference_url": "https://usn.ubuntu.com/7619-1/", "reference_id": "USN-7619-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7619-1/" }, { "reference_url": "https://usn.ubuntu.com/7696-1/", "reference_id": "USN-7696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7696-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928711?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928730?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928709?format=api", "purl": "pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928731?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928713?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928712?format=api", "purl": "pkg:deb/debian/libssh@0.12.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-4877" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8nv-wfbj-13e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68996?format=api", "vulnerability_id": "VCID-u5ts-n3fz-nud9", "summary": "libssh: Incorrect Return Code Handling in ssh_kdf() in libssh", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5372.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5372.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5372", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27798", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2784", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27846", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27804", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27747", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27728", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27939", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29136", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29014", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28903", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29184", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5372" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407", "reference_id": "1108407", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369388", "reference_id": "2369388", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369388" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-5372", "reference_id": "CVE-2025-5372", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-5372" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21977", "reference_id": "RHSA-2025:21977", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23024", "reference_id": "RHSA-2025:23024", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T14:08:57Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:23024" }, { "reference_url": "https://usn.ubuntu.com/7619-1/", "reference_id": "USN-7619-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7619-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928711?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928730?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928709?format=api", "purl": "pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928731?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928713?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928712?format=api", "purl": "pkg:deb/debian/libssh@0.12.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5372" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u5ts-n3fz-nud9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68994?format=api", "vulnerability_id": "VCID-wgkw-5cae-s3ej", "summary": "libssh: out-of-bounds read in sftp_handle()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5318.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29842", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29888", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29704", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29803", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29807", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29762", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29712", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.2973", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29708", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.5365", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53624", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53612", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53589", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5318" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407", "reference_id": "1108407", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108407" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131", "reference_id": "2369131", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9", "reference_id": "cpe:/a:redhat:ai_inference_server:3.2::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ai_inference_server:3.2::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8", "reference_id": "cpe:/a:redhat:openshift:4.12::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.12::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9", "reference_id": "cpe:/a:redhat:openshift:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9", "reference_id": "cpe:/a:redhat:openshift:4.17::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9", "reference_id": "cpe:/a:redhat:openshift:4.18::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.18::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9", "reference_id": "cpe:/a:redhat:openshift:4.19::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.19::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9", "reference_id": "cpe:/a:redhat:openshift:4.20::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.20::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.7::el8", "reference_id": "cpe:/a:redhat:openshift_distributed_tracing:3.7::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.7::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus_long_life:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-5318", "reference_id": "CVE-2025-5318", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-5318" }, { "reference_url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt", "reference_id": "CVE-2025-5318.txt", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18231", "reference_id": "RHSA-2025:18231", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18275", "reference_id": "RHSA-2025:18275", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18275" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:18286", "reference_id": "RHSA-2025:18286", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:18286" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19012", "reference_id": "RHSA-2025:19012", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19012" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19098", "reference_id": "RHSA-2025:19098", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19098" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19101", "reference_id": "RHSA-2025:19101", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19101" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19295", "reference_id": "RHSA-2025:19295", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19295" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19300", "reference_id": "RHSA-2025:19300", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19300" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19313", "reference_id": "RHSA-2025:19313", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19313" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19400", "reference_id": "RHSA-2025:19400", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19400" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19401", "reference_id": "RHSA-2025:19401", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19470", "reference_id": "RHSA-2025:19470", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19470" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19472", "reference_id": "RHSA-2025:19472", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19807", "reference_id": "RHSA-2025:19807", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19807" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19864", "reference_id": "RHSA-2025:19864", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19864" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20943", "reference_id": "RHSA-2025:20943", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21013", "reference_id": "RHSA-2025:21013", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21013" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21329", "reference_id": "RHSA-2025:21329", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21829", "reference_id": "RHSA-2025:21829", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21829" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23078", "reference_id": "RHSA-2025:23078", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:23078" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23079", "reference_id": "RHSA-2025:23079", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:23079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:23080", "reference_id": "RHSA-2025:23080", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:23080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0326", "reference_id": "RHSA-2026:0326", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1541", "reference_id": "RHSA-2026:1541", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:1541" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3461", "reference_id": "RHSA-2026:3461", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3461" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3462", "reference_id": "RHSA-2026:3462", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-18T20:41:38Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:3462" }, { "reference_url": "https://usn.ubuntu.com/7619-1/", "reference_id": "USN-7619-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7619-1/" }, { "reference_url": "https://usn.ubuntu.com/7696-1/", "reference_id": "USN-7696-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7696-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928711?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928730?format=api", "purl": "pkg:deb/debian/libssh@0.9.8-0%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928709?format=api", "purl": "pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.10.6-0%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928731?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928713?format=api", "purl": "pkg:deb/debian/libssh@0.11.2-1%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4qxq-4833-s7bd" }, { "vulnerability": "VCID-8zdu-udyx-qkhu" }, { "vulnerability": "VCID-hhun-qvy9-pydj" }, { "vulnerability": "VCID-p6ex-bypb-n3fg" }, { "vulnerability": "VCID-v97m-zm6x-gfga" }, { "vulnerability": "VCID-y3hu-uqgn-7uhr" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.11.2-1%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928712?format=api", "purl": "pkg:deb/debian/libssh@0.12.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.12.0-3%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-5318" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wgkw-5cae-s3ej" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libssh@0.9.8-0%252Bdeb11u2%3Fdistro=trixie" }