Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/openssh@0?distro=trixie

Type deb

Namespace debian

Name openssh

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.7p1-9

Latest_non_vulnerable_version 1:10.3p1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1bv8-wap7-ybec

vulnerability_id VCID-1bv8-wap7-ybec

summary SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2003-1119

reference_id

reference_type

scores

value	0.00704
scoring_system	epss
scoring_elements	0.72045
published_at	2026-04-01T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72051
published_at	2026-04-02T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72072
published_at	2026-04-04T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72048
published_at	2026-04-07T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72085
published_at	2026-04-08T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72097
published_at	2026-04-09T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.7212
published_at	2026-04-11T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72104
published_at	2026-04-12T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.7209
published_at	2026-04-13T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72131
published_at	2026-04-16T12:55:00Z

value	0.00704
scoring_system	epss
scoring_elements	0.72138
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2003-1119

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2003-1119

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv8-wap7-ybec

url VCID-1vwp-yqcr-nkg6

vulnerability_id VCID-1vwp-yqcr-nkg6

summary Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2002-1359

reference_id

reference_type

scores

value	0.86998
scoring_system	epss
scoring_elements	0.9943
published_at	2026-04-01T12:55:00Z

value	0.86998
scoring_system	epss
scoring_elements	0.99429
published_at	2026-04-02T12:55:00Z

value	0.86998
scoring_system	epss
scoring_elements	0.99431
published_at	2026-04-07T12:55:00Z

value	0.86998
scoring_system	epss
scoring_elements	0.99433
published_at	2026-04-09T12:55:00Z

value	0.86998
scoring_system	epss
scoring_elements	0.99435
published_at	2026-04-11T12:55:00Z

value	0.86998
scoring_system	epss
scoring_elements	0.99436
published_at	2026-04-13T12:55:00Z

value	0.86998
scoring_system	epss
scoring_elements	0.99439
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2002-1359

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/1788.pm
reference_id	CVE-2002-1359
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/1788.pm

reference_url	http://www.rapid7.com/advisories/R7-0009.html
reference_id	CVE-2002-1359
reference_type	exploit
scores
url	http://www.rapid7.com/advisories/R7-0009.html

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16463.rb
reference_id	CVE-2002-1359;OSVDB-8044
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16463.rb

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2002-1359

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vwp-yqcr-nkg6

url VCID-1x8n-5rvu-1kfu

vulnerability_id VCID-1x8n-5rvu-1kfu

summary openssh: OpenSSH pre-authentication async signal safety issue

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7589.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7589.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-7589

reference_id

reference_type

scores

value	0.17408
scoring_system	epss
scoring_elements	0.95081
published_at	2026-04-18T12:55:00Z

value	0.17408
scoring_system	epss
scoring_elements	0.95048
published_at	2026-04-07T12:55:00Z

value	0.17408
scoring_system	epss
scoring_elements	0.95056
published_at	2026-04-08T12:55:00Z

value	0.17408
scoring_system	epss
scoring_elements	0.95059
published_at	2026-04-09T12:55:00Z

value	0.17408
scoring_system	epss
scoring_elements	0.95065
published_at	2026-04-11T12:55:00Z

value	0.17408
scoring_system	epss
scoring_elements	0.95066
published_at	2026-04-12T12:55:00Z

value	0.17408
scoring_system	epss
scoring_elements	0.95069
published_at	2026-04-13T12:55:00Z

value	0.17408
scoring_system	epss
scoring_elements	0.95078
published_at	2026-04-16T12:55:00Z

value	0.21961
scoring_system	epss
scoring_elements	0.95751
published_at	2026-04-04T12:55:00Z

value	0.21961
scoring_system	epss
scoring_elements	0.95744
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-7589

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2304416
reference_id	2304416
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2304416

reference_url

https://www.cve.org/CVERecord?id=CVE-2006-5051

reference_id

CVERecord?id=CVE-2006-5051

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/

url

https://www.cve.org/CVERecord?id=CVE-2006-5051

reference_url

https://www.cve.org/CVERecord?id=CVE-2024-6387

reference_id

CVERecord?id=CVE-2024-6387

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/

url

https://www.cve.org/CVERecord?id=CVE-2024-6387

reference_url

https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc

reference_id

FreeBSD-SA-24:08.openssh.asc

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/

url

https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2024-7589

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1x8n-5rvu-1kfu

url VCID-3jeb-49yf-xbfw

vulnerability_id VCID-3jeb-49yf-xbfw

summary openssh: possible privilege escalation when using ChrootDirectory setting

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2904.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2904.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2904

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.11903
published_at	2026-04-01T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12017
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12062
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11865
published_at	2026-04-07T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11949
published_at	2026-04-08T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12
published_at	2026-04-09T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12009
published_at	2026-04-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11972
published_at	2026-04-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11945
published_at	2026-04-13T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11816
published_at	2026-04-16T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11812
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2904

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=522141
reference_id	522141
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=522141

reference_url	https://access.redhat.com/errata/RHSA-2009:1470
reference_id	RHSA-2009:1470
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1470

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2009-2904

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3jeb-49yf-xbfw

url VCID-42rr-5scb-rkbt

vulnerability_id VCID-42rr-5scb-rkbt

summary Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25136.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25136.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25136

reference_id

reference_type

scores

value	0.88329
scoring_system	epss
scoring_elements	0.99499
published_at	2026-04-18T12:55:00Z

value	0.88329
scoring_system	epss
scoring_elements	0.99495
published_at	2026-04-12T12:55:00Z

value	0.88329
scoring_system	epss
scoring_elements	0.99494
published_at	2026-04-13T12:55:00Z

value	0.88329
scoring_system	epss
scoring_elements	0.99498
published_at	2026-04-16T12:55:00Z

value	0.89568
scoring_system	epss
scoring_elements	0.99553
published_at	2026-04-04T12:55:00Z

value	0.89568
scoring_system	epss
scoring_elements	0.99555
published_at	2026-04-11T12:55:00Z

value	0.89568
scoring_system	epss
scoring_elements	0.99556
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25136

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2167636
reference_id	2167636
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2167636

reference_url

https://security.archlinux.org/AVG-2832

reference_id

AVG-2832

reference_type

scores

value	Unknown
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2832

reference_url	https://security.gentoo.org/glsa/202307-01
reference_id	GLSA-202307-01
reference_type
scores
url	https://security.gentoo.org/glsa/202307-01

reference_url	https://access.redhat.com/errata/RHSA-2023:2645
reference_id	RHSA-2023:2645
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2645

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.2p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:9.2p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2023-25136

risk_score 10.0

exploitability 2.0

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-42rr-5scb-rkbt

url VCID-6azx-wz7x-d7cr

vulnerability_id VCID-6azx-wz7x-d7cr

summary openssh: Unauthorized local access to host keys on platforms where ssh-rand-helper used

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4327.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4327.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2011-4327

reference_id

reference_type

scores

value	0.00064
scoring_system	epss
scoring_elements	0.20005
published_at	2026-04-01T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20153
published_at	2026-04-02T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20212
published_at	2026-04-04T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19938
published_at	2026-04-07T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20017
published_at	2026-04-08T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20076
published_at	2026-04-09T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20091
published_at	2026-04-11T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.20046
published_at	2026-04-12T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19989
published_at	2026-04-13T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.1997
published_at	2026-04-16T12:55:00Z

value	0.00064
scoring_system	epss
scoring_elements	0.19973
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2011-4327

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=755640
reference_id	755640
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=755640

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2011-4327

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6azx-wz7x-d7cr

url VCID-6sgs-5zm4-rqcg

vulnerability_id VCID-6sgs-5zm4-rqcg

summary openssh: ~/.k5users unexpectedly grants remote login

references

reference_url	http://rhn.redhat.com/errata/RHSA-2015-0425.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-0425.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9278.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9278.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9278

reference_id

reference_type

scores

value	0.00351
scoring_system	epss
scoring_elements	0.57581
published_at	2026-04-18T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57446
published_at	2026-04-01T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.5753
published_at	2026-04-02T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57551
published_at	2026-04-04T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57527
published_at	2026-04-07T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.5758
published_at	2026-04-08T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57584
published_at	2026-04-09T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57599
published_at	2026-04-11T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57578
published_at	2026-04-12T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57557
published_at	2026-04-13T12:55:00Z

value	0.00351
scoring_system	epss
scoring_elements	0.57585
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9278

reference_url	https://bugzilla.mindrot.org/show_bug.cgi?id=1867
reference_id
reference_type
scores
url	https://bugzilla.mindrot.org/show_bug.cgi?id=1867

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/99090
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/99090

reference_url	http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855
reference_id
reference_type
scores
url	http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855

reference_url	http://www.openwall.com/lists/oss-security/2014/12/02/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/12/02/3

reference_url	http://www.openwall.com/lists/oss-security/2014/12/04/17
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/12/04/17

reference_url	http://www.securityfocus.com/bid/71420
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/71420

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1169843
reference_id	1169843
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1169843

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:-:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:-:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:-:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora:7:::::::*
reference_id	cpe:2.3:o:redhat:fedora:7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora:7:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-9278

reference_id

CVE-2014-9278

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-9278

reference_url	https://access.redhat.com/errata/RHSA-2015:0425
reference_id	RHSA-2015:0425
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0425

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2014-9278

risk_score 1.8

exploitability 0.5

weighted_severity 3.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6sgs-5zm4-rqcg

url VCID-88tp-4d2a-1ydh

vulnerability_id VCID-88tp-4d2a-1ydh

summary A vulnerability has been discovered in OpenSSH, which can lead to remote code execution with root privileges.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6387.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-6387

reference_id

reference_type

scores

value	0.42417
scoring_system	epss
scoring_elements	0.97438
published_at	2026-04-02T12:55:00Z

value	0.44589
scoring_system	epss
scoring_elements	0.97579
published_at	2026-04-18T12:55:00Z

value	0.44589
scoring_system	epss
scoring_elements	0.97564
published_at	2026-04-09T12:55:00Z

value	0.44589
scoring_system	epss
scoring_elements	0.97567
published_at	2026-04-11T12:55:00Z

value	0.44589
scoring_system	epss
scoring_elements	0.9757
published_at	2026-04-13T12:55:00Z

value	0.44589
scoring_system	epss
scoring_elements	0.97578
published_at	2026-04-16T12:55:00Z

value	0.46693
scoring_system	epss
scoring_elements	0.97652
published_at	2026-04-07T12:55:00Z

value	0.46693
scoring_system	epss
scoring_elements	0.97656
published_at	2026-04-08T12:55:00Z

value	0.46693
scoring_system	epss
scoring_elements	0.97651
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-6387

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2294604

reference_id

2294604

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2294604

reference_url	https://security.archlinux.org/ASA-202407-1
reference_id	ASA-202407-1
reference_type
scores
url	https://security.archlinux.org/ASA-202407-1

reference_url

https://security.archlinux.org/AVG-2855

reference_id

AVG-2855

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2855

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
reference_id	cpe:/a:redhat:ceph_storage:5
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
reference_id	cpe:/a:redhat:ceph_storage:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
reference_id	cpe:/a:redhat:ceph_storage:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id	cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id	cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id	cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-6387

reference_id

CVE-2024-6387

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/security/cve/CVE-2024-6387

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/52269.c
reference_id	CVE-2024-6387
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/52269.c

reference_url	https://security.gentoo.org/glsa/202407-09
reference_id	GLSA-202407-09
reference_type
scores
url	https://security.gentoo.org/glsa/202407-09

reference_url

https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

reference_id

regresshion.txt

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

reference_url

https://www.openssh.com/txt/release-9.8

reference_id

release-9.8

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://www.openssh.com/txt/release-9.8

reference_url

https://access.redhat.com/errata/RHSA-2024:4312

reference_id

RHSA-2024:4312

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/errata/RHSA-2024:4312

reference_url

https://access.redhat.com/errata/RHSA-2024:4340

reference_id

RHSA-2024:4340

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/errata/RHSA-2024:4340

reference_url

https://access.redhat.com/errata/RHSA-2024:4389

reference_id

RHSA-2024:4389

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/errata/RHSA-2024:4389

reference_url

https://access.redhat.com/errata/RHSA-2024:4469

reference_id

RHSA-2024:4469

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/errata/RHSA-2024:4469

reference_url

https://access.redhat.com/errata/RHSA-2024:4474

reference_id

RHSA-2024:4474

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/errata/RHSA-2024:4474

reference_url

https://access.redhat.com/errata/RHSA-2024:4479

reference_id

RHSA-2024:4479

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/errata/RHSA-2024:4479

reference_url

https://access.redhat.com/errata/RHSA-2024:4484

reference_id

RHSA-2024:4484

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://access.redhat.com/errata/RHSA-2024:4484

reference_url

https://santandersecurityresearch.github.io/blog/sshing_the_masses.html

reference_id

sshing_the_masses.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/

url

https://santandersecurityresearch.github.io/blog/sshing_the_masses.html

reference_url	https://usn.ubuntu.com/6859-1/
reference_id	USN-6859-1
reference_type
scores
url	https://usn.ubuntu.com/6859-1/

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u3?distro=trixie
purl	pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.7p1-7?distro=trixie
purl	pkg:deb/debian/openssh@1:9.7p1-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.7p1-7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2024-6387

risk_score 10.0

exploitability 2.0

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-88tp-4d2a-1ydh

url VCID-9ycq-9rwj-8kav

vulnerability_id VCID-9ycq-9rwj-8kav

summary audit logging of failed logins

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3102.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3102.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3102

reference_id

reference_type

scores

value	0.02629
scoring_system	epss
scoring_elements	0.85607
published_at	2026-04-01T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.8562
published_at	2026-04-02T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85638
published_at	2026-04-04T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85645
published_at	2026-04-07T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85664
published_at	2026-04-08T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85676
published_at	2026-04-09T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85691
published_at	2026-04-11T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85687
published_at	2026-04-12T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85683
published_at	2026-04-13T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85705
published_at	2026-04-16T12:55:00Z

value	0.02629
scoring_system	epss
scoring_elements	0.85711
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3102

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=243204
reference_id	243204
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=243204

reference_url	https://access.redhat.com/errata/RHSA-2007:0540
reference_id	RHSA-2007:0540
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0540

reference_url	https://access.redhat.com/errata/RHSA-2007:0555
reference_id	RHSA-2007:0555
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0555

reference_url	https://access.redhat.com/errata/RHSA-2007:0703
reference_id	RHSA-2007:0703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0703

reference_url	https://access.redhat.com/errata/RHSA-2007:0737
reference_id	RHSA-2007:0737
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0737

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2007-3102

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ycq-9rwj-8kav

url VCID-bytd-a69u-dkfv

vulnerability_id VCID-bytd-a69u-dkfv

summary openssh: SO_REUSEADDR insecure for X11 forwarding sockets on some platforms

references

reference_url	http://openssh.com/security.html
reference_id
reference_type
scores
url	http://openssh.com/security.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3259.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3259.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-3259

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.07009
published_at	2026-04-18T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06879
published_at	2026-04-01T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06983
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07037
published_at	2026-04-04T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07016
published_at	2026-04-07T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.0707
published_at	2026-04-08T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07101
published_at	2026-04-09T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07109
published_at	2026-04-11T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07097
published_at	2026-04-12T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07087
published_at	2026-04-13T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.07025
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-3259

reference_url	http://secunia.com/advisories/31179
reference_id
reference_type
scores
url	http://secunia.com/advisories/31179

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43940
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/43940

reference_url	http://www.openssh.com/txt/release-5.1
reference_id
reference_type
scores
url	http://www.openssh.com/txt/release-5.1

reference_url	http://www.securityfocus.com/bid/30339
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/30339

reference_url	http://www.securitytracker.com/id?1020537
reference_id
reference_type
scores
url	http://www.securitytracker.com/id?1020537

reference_url	http://www.vupen.com/english/advisories/2008/2148
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2008/2148

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=456426
reference_id	456426
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=456426

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::::::::
reference_id	cpe:2.3:a:openbsd:openssh::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9.9p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.2p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2.2p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2.3p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.3p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.4p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.5p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6.1p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7.1p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.8.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.9.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.0p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.2p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.3p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.3p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.4p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-3259

reference_id

CVE-2008-3259

reference_type

scores

value	1.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:H/Au:N/C:P/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2008-3259

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2008-3259

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bytd-a69u-dkfv

url VCID-c52m-7sh8-eke1

vulnerability_id VCID-c52m-7sh8-eke1

summary openssh: Logic error in ObscureKeystrokeTiming

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39894.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39894.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-39894

reference_id

reference_type

scores

value	0.02949
scoring_system	epss
scoring_elements	0.86479
published_at	2026-04-18T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86404
published_at	2026-04-02T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86422
published_at	2026-04-04T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86424
published_at	2026-04-07T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86442
published_at	2026-04-08T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86452
published_at	2026-04-09T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86466
published_at	2026-04-11T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86465
published_at	2026-04-12T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86459
published_at	2026-04-13T12:55:00Z

value	0.02949
scoring_system	epss
scoring_elements	0.86474
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-39894

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html

reference_id

000158.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html

reference_url

https://www.openwall.com/lists/oss-security/2024/07/02/1

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

https://www.openwall.com/lists/oss-security/2024/07/02/1

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076764
reference_id	1076764
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076764

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2295273
reference_id	2295273
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2295273

reference_url

http://www.openwall.com/lists/oss-security/2024/07/28/3

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

http://www.openwall.com/lists/oss-security/2024/07/28/3

reference_url

http://www.openwall.com/lists/oss-security/2024/07/23/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

http://www.openwall.com/lists/oss-security/2024/07/23/4

reference_url

http://www.openwall.com/lists/oss-security/2024/07/03/6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

http://www.openwall.com/lists/oss-security/2024/07/03/6

reference_url

http://www.openwall.com/lists/oss-security/2024/07/23/6

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

http://www.openwall.com/lists/oss-security/2024/07/23/6

reference_url

https://news.ycombinator.com/item?id=41508530

reference_id

item?id=41508530

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

https://news.ycombinator.com/item?id=41508530

reference_url

https://security.netapp.com/advisory/ntap-20240712-0004/

reference_id

ntap-20240712-0004

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

https://security.netapp.com/advisory/ntap-20240712-0004/

reference_url

https://www.openssh.com/txt/release-9.8

reference_id

release-9.8

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

https://www.openssh.com/txt/release-9.8

reference_url

https://crzphil.github.io/posts/ssh-obfuscation-bypass/

reference_id

ssh-obfuscation-bypass

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/

url

https://crzphil.github.io/posts/ssh-obfuscation-bypass/

reference_url	https://usn.ubuntu.com/6887-1/
reference_id	USN-6887-1
reference_type
scores
url	https://usn.ubuntu.com/6887-1/

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.8p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:9.8p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.8p1-1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2024-39894

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c52m-7sh8-eke1

url VCID-cz6k-qmqx-cybc

vulnerability_id VCID-cz6k-qmqx-cybc

summary Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26466.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26466.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-26466

reference_id

reference_type

scores

value	0.60426
scoring_system	epss
scoring_elements	0.9829
published_at	2026-04-18T12:55:00Z

value	0.60426
scoring_system	epss
scoring_elements	0.98269
published_at	2026-04-02T12:55:00Z

value	0.60426
scoring_system	epss
scoring_elements	0.98272
published_at	2026-04-04T12:55:00Z

value	0.60426
scoring_system	epss
scoring_elements	0.98273
published_at	2026-04-07T12:55:00Z

value	0.60426
scoring_system	epss
scoring_elements	0.98278
published_at	2026-04-09T12:55:00Z

value	0.60426
scoring_system	epss
scoring_elements	0.98281
published_at	2026-04-11T12:55:00Z

value	0.60426
scoring_system	epss
scoring_elements	0.98282
published_at	2026-04-13T12:55:00Z

value	0.60426
scoring_system	epss
scoring_elements	0.98288
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-26466

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://seclists.org/oss-sec/2025/q1/144

reference_id

144

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/

url

https://seclists.org/oss-sec/2025/q1/144

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2345043

reference_id

2345043

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2345043

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id	cpe:/a:redhat:openshift:4
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id	cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9

reference_url

https://access.redhat.com/security/cve/CVE-2025-26466

reference_id

CVE-2025-26466

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/

url

https://access.redhat.com/security/cve/CVE-2025-26466

reference_url	https://security.gentoo.org/glsa/202502-01
reference_id	GLSA-202502-01
reference_type
scores
url	https://security.gentoo.org/glsa/202502-01

reference_url

https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt

reference_id

openssh-mitm-dos.txt

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/

url

https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt

reference_url	https://usn.ubuntu.com/7270-1/
reference_id	USN-7270-1
reference_type
scores
url	https://usn.ubuntu.com/7270-1/

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.9p2-1?distro=trixie
purl	pkg:deb/debian/openssh@1:9.9p2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.9p2-1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2025-26466

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cz6k-qmqx-cybc

url VCID-daku-ks5y-rbdj

vulnerability_id VCID-daku-ks5y-rbdj

summary openssh: uninitialized variable use in J-PAKE implementation

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1692.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1692.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-1692

reference_id

reference_type

scores

value	0.12538
scoring_system	epss
scoring_elements	0.93904
published_at	2026-04-01T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93912
published_at	2026-04-02T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93921
published_at	2026-04-04T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93925
published_at	2026-04-07T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93933
published_at	2026-04-08T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93937
published_at	2026-04-09T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.9394
published_at	2026-04-11T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93941
published_at	2026-04-13T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93956
published_at	2026-04-16T12:55:00Z

value	0.12538
scoring_system	epss
scoring_elements	0.93962
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-1692

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1059052
reference_id	1059052
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1059052

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2014-1692

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-daku-ks5y-rbdj

url VCID-dr6k-gpbz-5qcs

vulnerability_id VCID-dr6k-gpbz-5qcs

summary Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2002-1357

reference_id

reference_type

scores

value	0.18474
scoring_system	epss
scoring_elements	0.95203
published_at	2026-04-01T12:55:00Z

value	0.18474
scoring_system	epss
scoring_elements	0.95215
published_at	2026-04-02T12:55:00Z

value	0.18474
scoring_system	epss
scoring_elements	0.95217
published_at	2026-04-04T12:55:00Z

value	0.21352
scoring_system	epss
scoring_elements	0.95675
published_at	2026-04-07T12:55:00Z

value	0.21352
scoring_system	epss
scoring_elements	0.95684
published_at	2026-04-08T12:55:00Z

value	0.21352
scoring_system	epss
scoring_elements	0.95687
published_at	2026-04-09T12:55:00Z

value	0.21352
scoring_system	epss
scoring_elements	0.95691
published_at	2026-04-12T12:55:00Z

value	0.21352
scoring_system	epss
scoring_elements	0.95693
published_at	2026-04-13T12:55:00Z

value	0.21352
scoring_system	epss
scoring_elements	0.95701
published_at	2026-04-16T12:55:00Z

value	0.21352
scoring_system	epss
scoring_elements	0.95705
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2002-1357

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2002-1357

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dr6k-gpbz-5qcs

url VCID-fafq-mggp-cbem

vulnerability_id VCID-fafq-mggp-cbem

summary openssh: Possible remote code execution due to a race condition in signal handling affecting Red Hat Enterprise Linux 9

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6409.json

reference_id

reference_type

scores

value	7.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6409.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-6409

reference_id

reference_type

scores

value	0.76397
scoring_system	epss
scoring_elements	0.98938
published_at	2026-04-18T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.98934
published_at	2026-04-12T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.98935
published_at	2026-04-13T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.98937
published_at	2026-04-16T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.98925
published_at	2026-04-02T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.98927
published_at	2026-04-04T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.9893
published_at	2026-04-07T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.98932
published_at	2026-04-09T12:55:00Z

value	0.76397
scoring_system	epss
scoring_elements	0.98933
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-6409

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2295085

reference_id

2295085

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2295085

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id	cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id	cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id	cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id	cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id	cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id	cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id	cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id	cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id	cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id	cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id	cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos

reference_url

https://access.redhat.com/security/cve/CVE-2024-6409

reference_id

CVE-2024-6409

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/

url

https://access.redhat.com/security/cve/CVE-2024-6409

reference_url

https://access.redhat.com/errata/RHSA-2024:4457

reference_id

RHSA-2024:4457

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/

url

https://access.redhat.com/errata/RHSA-2024:4457

reference_url

https://access.redhat.com/errata/RHSA-2024:4716

reference_id

RHSA-2024:4716

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/

url

https://access.redhat.com/errata/RHSA-2024:4716

reference_url

https://access.redhat.com/errata/RHSA-2024:4910

reference_id

RHSA-2024:4910

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/

url

https://access.redhat.com/errata/RHSA-2024:4910

reference_url

https://access.redhat.com/errata/RHSA-2024:4955

reference_id

RHSA-2024:4955

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/

url

https://access.redhat.com/errata/RHSA-2024:4955

reference_url

https://access.redhat.com/errata/RHSA-2024:5444

reference_id

RHSA-2024:5444

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/

url

https://access.redhat.com/errata/RHSA-2024:5444

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2024-6409

risk_score 3.1

exploitability 0.5

weighted_severity 6.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fafq-mggp-cbem

url VCID-g514-1b64-kudx

vulnerability_id VCID-g514-1b64-kudx

summary SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.

references

reference_url	http://archives.neohapsis.com/archives/bugtraq/2001-02/0159.html
reference_id
reference_type
scores
url	http://archives.neohapsis.com/archives/bugtraq/2001-02/0159.html

reference_url	http://online.securityfocus.com/bid/2356
reference_id
reference_type
scores
url	http://online.securityfocus.com/bid/2356

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2001-1585

reference_id

reference_type

scores

value	0.00323
scoring_system	epss
scoring_elements	0.55248
published_at	2026-04-01T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57456
published_at	2026-04-02T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57478
published_at	2026-04-04T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57455
published_at	2026-04-07T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57508
published_at	2026-04-18T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57512
published_at	2026-04-16T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57527
published_at	2026-04-11T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57504
published_at	2026-04-12T12:55:00Z

value	0.0035
scoring_system	epss
scoring_elements	0.57485
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2001-1585

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/6084
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/6084

reference_url	http://www.openbsd.org/advisories/ssh_bypass.txt
reference_id
reference_type
scores
url	http://www.openbsd.org/advisories/ssh_bypass.txt

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2001-1585

reference_id

CVE-2001-1585

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2001-1585

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2001-1585

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g514-1b64-kudx

url VCID-h6pg-t5c8-53br

vulnerability_id VCID-h6pg-t5c8-53br

summary openssh: destination constraints only apply to first PKCS#11 key

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51384.json

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51384.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-51384

reference_id

reference_type

scores

value	0.00038
scoring_system	epss
scoring_elements	0.11529
published_at	2026-04-02T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11582
published_at	2026-04-04T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11371
published_at	2026-04-07T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11455
published_at	2026-04-08T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11513
published_at	2026-04-09T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11523
published_at	2026-04-11T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11489
published_at	2026-04-12T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.1146
published_at	2026-04-13T12:55:00Z

value	0.00038
scoring_system	epss
scoring_elements	0.11322
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-51384

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2255268
reference_id	2255268
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2255268

reference_url	https://usn.ubuntu.com/6565-1/
reference_id	USN-6565-1
reference_type
scores
url	https://usn.ubuntu.com/6565-1/

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.6p1-1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2023-51384

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h6pg-t5c8-53br

url VCID-hmyj-ztb3-rbhz

vulnerability_id VCID-hmyj-ztb3-rbhz

summary FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and prevention of new connections) by ending multiple connections before authentication is completed.

references

reference_url	http://packetstormsecurity.com/files/128972/FreeBSD-Security-Advisory-sshd-Denial-Of-Service.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/128972/FreeBSD-Security-Advisory-sshd-Denial-Of-Service.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-8475

reference_id

reference_type

scores

value	0.0127
scoring_system	epss
scoring_elements	0.79515
published_at	2026-04-18T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79438
published_at	2026-04-01T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79444
published_at	2026-04-02T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79468
published_at	2026-04-04T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79455
published_at	2026-04-07T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79483
published_at	2026-04-08T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79491
published_at	2026-04-09T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79514
published_at	2026-04-11T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79497
published_at	2026-04-12T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79487
published_at	2026-04-13T12:55:00Z

value	0.0127
scoring_system	epss
scoring_elements	0.79517
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-8475

reference_url	http://secunia.com/advisories/61440
reference_id
reference_type
scores
url	http://secunia.com/advisories/61440

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/98491
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/98491

reference_url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A24.sshd.asc
reference_id
reference_type
scores
url	https://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A24.sshd.asc

reference_url	http://www.securityfocus.com/bid/70913
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70913

reference_url	http://www.securitytracker.com/id/1031168
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1031168

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:10.0:::::::*
reference_id	cpe:2.3:o:freebsd:freebsd:10.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:10.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.1:::::::*
reference_id	cpe:2.3:o:freebsd:freebsd:9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.2:::::::*
reference_id	cpe:2.3:o:freebsd:freebsd:9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-8475

reference_id

CVE-2014-8475

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-8475

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2014-8475

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hmyj-ztb3-rbhz

url VCID-jvn2-cgzv-u3fn

vulnerability_id VCID-jvn2-cgzv-u3fn

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which may allow remote attackers to execute arbitrary code.

references

reference_url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
reference_id
reference_type
scores
url	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-4478

reference_id

reference_type

scores

value	0.00437
scoring_system	epss
scoring_elements	0.63115
published_at	2026-04-18T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.62971
published_at	2026-04-01T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.6303
published_at	2026-04-02T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63058
published_at	2026-04-04T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63023
published_at	2026-04-07T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63074
published_at	2026-04-08T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.6309
published_at	2026-04-09T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63107
published_at	2026-04-16T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63093
published_at	2026-04-12T12:55:00Z

value	0.00437
scoring_system	epss
scoring_elements	0.63071
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-4478

reference_url	http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf
reference_id
reference_type
scores
url	http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf

reference_url	https://github.com/seb-m/jpake
reference_id
reference_type
scores
url	https://github.com/seb-m/jpake

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h

reference_url	http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5
reference_id
reference_type
scores
url	http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=660642
reference_id	660642
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=660642

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::::::::
reference_id	cpe:2.3:a:openbsd:openssh::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.27:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.5.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:1.5.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9.9p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:2.9p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0.2p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.0p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2.2p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.2.3p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.3p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.4p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.5p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.6.1p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.7.1p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.8.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.9.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:3.9.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.0p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.1p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.2p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.3p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.3p2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.4p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7p1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.7p1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7p1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:4.9:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.0:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.1:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.2:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.3:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:::::::*
reference_id	cpe:2.3:a:openbsd:openssh:5.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-4478

reference_id

CVE-2010-4478

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-4478

reference_url	https://security.gentoo.org/glsa/201405-06
reference_id	GLSA-201405-06
reference_type
scores
url	https://security.gentoo.org/glsa/201405-06

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2010-4478

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jvn2-cgzv-u3fn

url VCID-u7hg-g61b-q7fy

vulnerability_id VCID-u7hg-g61b-q7fy

summary The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1653.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1653.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1653

reference_id

reference_type

scores

value	0.00389
scoring_system	epss
scoring_elements	0.59807
published_at	2026-04-01T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59884
published_at	2026-04-02T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59909
published_at	2026-04-04T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59879
published_at	2026-04-07T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59929
published_at	2026-04-08T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59943
published_at	2026-04-09T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59964
published_at	2026-04-11T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59948
published_at	2026-04-12T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.5993
published_at	2026-04-13T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59969
published_at	2026-04-16T12:55:00Z

value	0.00389
scoring_system	epss
scoring_elements	0.59976
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1653

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2004-1653

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u7hg-g61b-q7fy

url VCID-v3yv-r42f-skdr

vulnerability_id VCID-v3yv-r42f-skdr

summary Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28531.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28531.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-28531

reference_id

reference_type

scores

value	0.00363
scoring_system	epss
scoring_elements	0.5833
published_at	2026-04-02T12:55:00Z

value	0.00388
scoring_system	epss
scoring_elements	0.5993
published_at	2026-04-18T12:55:00Z

value	0.00388
scoring_system	epss
scoring_elements	0.59918
published_at	2026-04-11T12:55:00Z

value	0.00388
scoring_system	epss
scoring_elements	0.59902
published_at	2026-04-12T12:55:00Z

value	0.00388
scoring_system	epss
scoring_elements	0.59884
published_at	2026-04-13T12:55:00Z

value	0.00388
scoring_system	epss
scoring_elements	0.59923
published_at	2026-04-16T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61968
published_at	2026-04-07T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62017
published_at	2026-04-08T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.62034
published_at	2026-04-09T12:55:00Z

value	0.00421
scoring_system	epss
scoring_elements	0.61998
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-28531

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033166
reference_id	1033166
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033166

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2179334
reference_id	2179334
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2179334

reference_url	https://security.gentoo.org/glsa/202307-01
reference_id	GLSA-202307-01
reference_type
scores
url	https://security.gentoo.org/glsa/202307-01

reference_url	https://usn.ubuntu.com/6560-1/
reference_id	USN-6560-1
reference_type
scores
url	https://usn.ubuntu.com/6560-1/

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
purl	pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:9.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:9.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.3p1-1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2023-28531

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v3yv-r42f-skdr

url VCID-wskn-7rs4-xyh6

vulnerability_id VCID-wskn-7rs4-xyh6

summary Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2002-1358

reference_id

reference_type

scores

value	0.04128
scoring_system	epss
scoring_elements	0.88586
published_at	2026-04-01T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88596
published_at	2026-04-02T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88613
published_at	2026-04-04T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88614
published_at	2026-04-07T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88633
published_at	2026-04-08T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88637
published_at	2026-04-09T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88649
published_at	2026-04-11T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88642
published_at	2026-04-13T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88655
published_at	2026-04-16T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88652
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2002-1358

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2002-1358

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wskn-7rs4-xyh6

url VCID-wvmb-brge-13cq

vulnerability_id VCID-wvmb-brge-13cq

summary SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2002-1715

reference_id

reference_type

scores

value	0.00104
scoring_system	epss
scoring_elements	0.28454
published_at	2026-04-01T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28548
published_at	2026-04-02T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28591
published_at	2026-04-04T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28394
published_at	2026-04-07T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.2846
published_at	2026-04-08T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28501
published_at	2026-04-09T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28504
published_at	2026-04-11T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28461
published_at	2026-04-12T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28412
published_at	2026-04-13T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28427
published_at	2026-04-16T12:55:00Z

value	0.00104
scoring_system	epss
scoring_elements	0.28405
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2002-1715

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21398.txt
reference_id	CVE-2002-1715;OSVDB-23589
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21398.txt

reference_url	https://www.securityfocus.com/bid/4547/info
reference_id	CVE-2002-1715;OSVDB-23589
reference_type	exploit
scores
url	https://www.securityfocus.com/bid/4547/info

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2002-1715

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvmb-brge-13cq

url VCID-xewq-4k2z-vqgg

vulnerability_id VCID-xewq-4k2z-vqgg

summary

Multiple vulnerabilities have been found in OpenSSH, the worst of
    which could lead to arbitrary code execution, or cause a Denial of Service
    condition.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6565.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-6565

reference_id

reference_type

scores

value	0.00344
scoring_system	epss
scoring_elements	0.57066
published_at	2026-04-18T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.56926
published_at	2026-04-01T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57023
published_at	2026-04-02T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57045
published_at	2026-04-04T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57022
published_at	2026-04-07T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57073
published_at	2026-04-08T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57074
published_at	2026-04-09T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57085
published_at	2026-04-11T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57065
published_at	2026-04-12T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57041
published_at	2026-04-13T12:55:00Z

value	0.00344
scoring_system	epss
scoring_elements	0.57069
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-6565

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.2
scoring_system	cvssv2
scoring_elements	AV:L/AC:L/Au:N/C:C/I:C/A:C

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1252861
reference_id	1252861
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1252861

reference_url	http://seclists.org/oss-sec/2017/q1/203
reference_id	CVE-2015-6565
reference_type	exploit
scores
url	http://seclists.org/oss-sec/2017/q1/203

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41173.c
reference_id	CVE-2015-6565
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41173.c

reference_url	https://security.gentoo.org/glsa/201512-04
reference_id	GLSA-201512-04
reference_type
scores
url	https://security.gentoo.org/glsa/201512-04

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2015-6565

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xewq-4k2z-vqgg

url VCID-zw1g-y15j-fuhf

vulnerability_id VCID-zw1g-y15j-fuhf

summary Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2002-1360

reference_id

reference_type

scores

value	0.04128
scoring_system	epss
scoring_elements	0.88586
published_at	2026-04-01T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88596
published_at	2026-04-02T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88613
published_at	2026-04-04T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88614
published_at	2026-04-07T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88633
published_at	2026-04-08T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88637
published_at	2026-04-09T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88649
published_at	2026-04-11T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88642
published_at	2026-04-13T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88655
published_at	2026-04-16T12:55:00Z

value	0.04128
scoring_system	epss
scoring_elements	0.88652
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2002-1360

fixed_packages

url	pkg:deb/debian/openssh@0?distro=trixie
purl	pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-b4uc-yh56-muej

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-a7m6-uqbt-nqd9

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

vulnerability	VCID-wga4-sqwk-4bfj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-ajmg-5kgx-k7h5

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-792n-jkzj-qqhd

vulnerability	VCID-8efr-budq-6bb6

vulnerability	VCID-a4eq-r71a-buhm

vulnerability	VCID-bnrq-2fsr-mfgd

vulnerability	VCID-kgn5-p8kx-qucj

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie

url	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl	pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie

aliases CVE-2002-1360

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zw1g-y15j-fuhf

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie

Package Instance