Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/933883?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "type": "deb", "namespace": "debian", "name": "openssh", "version": "0", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "4.7p1-9", "latest_non_vulnerable_version": "1:10.3p1-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/106146?format=api", "vulnerability_id": "VCID-1bv8-wap7-ybec", "summary": "SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72045", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.7212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72104", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.7209", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72131", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72138", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00704", "scoring_system": "epss", "scoring_elements": "0.72124", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2003-1119" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2003-1119" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bv8-wap7-ybec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103804?format=api", "vulnerability_id": "VCID-1vwp-yqcr-nkg6", "summary": "Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.9943", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.99429", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.99431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.99433", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.99435", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.99436", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.99439", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.86998", "scoring_system": "epss", "scoring_elements": "0.99438", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1359" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/1788.pm", "reference_id": "CVE-2002-1359", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/1788.pm" }, { "reference_url": "http://www.rapid7.com/advisories/R7-0009.html", "reference_id": "CVE-2002-1359", "reference_type": "exploit", "scores": [], "url": "http://www.rapid7.com/advisories/R7-0009.html" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16463.rb", "reference_id": "CVE-2002-1359;OSVDB-8044", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16463.rb" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1359" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vwp-yqcr-nkg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74423?format=api", "vulnerability_id": "VCID-1x8n-5rvu-1kfu", "summary": "openssh: OpenSSH pre-authentication async signal safety issue", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7589.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7589.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7589", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95083", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95056", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95065", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95069", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95078", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.17408", "scoring_system": "epss", "scoring_elements": "0.95081", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21961", "scoring_system": "epss", "scoring_elements": "0.95751", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21961", "scoring_system": "epss", "scoring_elements": "0.95744", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7589" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304416", "reference_id": "2304416", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304416" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2006-5051", "reference_id": "CVERecord?id=CVE-2006-5051", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2006-5051" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2024-6387", "reference_id": "CVERecord?id=CVE-2024-6387", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2024-6387" }, { "reference_url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc", "reference_id": "FreeBSD-SA-24:08.openssh.asc", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/" } ], "url": "https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-7589" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1x8n-5rvu-1kfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88042?format=api", "vulnerability_id": "VCID-3jeb-49yf-xbfw", "summary": "openssh: possible privilege escalation when using ChrootDirectory setting", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2904.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11903", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12017", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12062", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11865", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11949", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11972", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11945", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11816", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11812", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1193", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-2904" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=522141", "reference_id": "522141", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=522141" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1470", "reference_id": "RHSA-2009:1470", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1470" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-2904" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3jeb-49yf-xbfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50010?format=api", "vulnerability_id": "VCID-42rr-5scb-rkbt", "summary": "Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25136.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25136.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25136", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88329", "scoring_system": "epss", "scoring_elements": "0.99499", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.88329", "scoring_system": "epss", "scoring_elements": "0.99495", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.88329", "scoring_system": "epss", "scoring_elements": "0.99494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.88329", "scoring_system": "epss", "scoring_elements": "0.99498", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.89568", "scoring_system": "epss", "scoring_elements": "0.99553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.89568", "scoring_system": "epss", "scoring_elements": "0.99555", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.89568", "scoring_system": "epss", "scoring_elements": "0.99556", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25136" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167636", "reference_id": "2167636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167636" }, { "reference_url": "https://security.archlinux.org/AVG-2832", "reference_id": "AVG-2832", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2832" }, { "reference_url": "https://security.gentoo.org/glsa/202307-01", "reference_id": "GLSA-202307-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202307-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2645", "reference_id": "RHSA-2023:2645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2645" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933932?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-25136" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-42rr-5scb-rkbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87398?format=api", "vulnerability_id": "VCID-6azx-wz7x-d7cr", "summary": "openssh: Unauthorized local access to host keys on platforms where ssh-rand-helper used", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4327.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4327.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4327", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20005", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20153", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20212", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19938", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20017", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20076", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20091", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20046", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19989", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.1997", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19973", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19971", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4327" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=755640", "reference_id": "755640", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=755640" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-4327" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6azx-wz7x-d7cr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86108?format=api", "vulnerability_id": "VCID-6sgs-5zm4-rqcg", "summary": "openssh: ~/.k5users unexpectedly grants remote login", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0425.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0425.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9278.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9278.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9278", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57561", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57446", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.5753", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57551", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57527", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.5758", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57584", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57599", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57578", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57557", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57585", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57581", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9278" }, { "reference_url": "https://bugzilla.mindrot.org/show_bug.cgi?id=1867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.mindrot.org/show_bug.cgi?id=1867" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99090" }, { "reference_url": "http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855", "reference_id": "", "reference_type": "", "scores": [], "url": "http://thread.gmane.org/gmane.comp.encryption.kerberos.general/15855" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/12/02/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/12/02/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/12/04/17", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/12/04/17" }, { "reference_url": "http://www.securityfocus.com/bid/71420", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71420" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169843", "reference_id": "1169843", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169843" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:fedora:7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9278", "reference_id": "CVE-2014-9278", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0425", "reference_id": "RHSA-2015:0425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0425" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-9278" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6sgs-5zm4-rqcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57328?format=api", "vulnerability_id": "VCID-88tp-4d2a-1ydh", "summary": "A vulnerability has been discovered in OpenSSH, which can lead to remote code execution with root privileges.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6387.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42417", "scoring_system": "epss", "scoring_elements": "0.97438", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.44589", "scoring_system": "epss", "scoring_elements": "0.97579", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.44589", "scoring_system": "epss", "scoring_elements": "0.97578", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.44589", "scoring_system": "epss", "scoring_elements": "0.9757", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.44589", "scoring_system": "epss", "scoring_elements": "0.97567", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.44589", "scoring_system": "epss", "scoring_elements": "0.97564", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.46693", "scoring_system": "epss", "scoring_elements": "0.97656", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.46693", "scoring_system": "epss", "scoring_elements": "0.97652", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.46693", "scoring_system": "epss", "scoring_elements": "0.97651", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.57627", "scoring_system": "epss", "scoring_elements": "0.98171", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6387" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604", "reference_id": "2294604", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604" }, { "reference_url": "https://security.archlinux.org/ASA-202407-1", "reference_id": "ASA-202407-1", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202407-1" }, { "reference_url": "https://security.archlinux.org/AVG-2855", "reference_id": "AVG-2855", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2855" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5", "reference_id": "cpe:/a:redhat:ceph_storage:5", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6", "reference_id": "cpe:/a:redhat:ceph_storage:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7", "reference_id": "cpe:/a:redhat:ceph_storage:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8", "reference_id": "cpe:/a:redhat:openshift:4.13::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8", "reference_id": "cpe:/a:redhat:openshift:4.14::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8", "reference_id": "cpe:/a:redhat:openshift:4.15::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9", "reference_id": "cpe:/a:redhat:openshift:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-6387", "reference_id": "CVE-2024-6387", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-6387" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/52269.c", "reference_id": "CVE-2024-6387", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/52269.c" }, { "reference_url": "https://security.gentoo.org/glsa/202407-09", "reference_id": "GLSA-202407-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202407-09" }, { "reference_url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt", "reference_id": "regresshion.txt", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt" }, { "reference_url": "https://www.openssh.com/txt/release-9.8", "reference_id": "release-9.8", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://www.openssh.com/txt/release-9.8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4312", "reference_id": "RHSA-2024:4312", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4312" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4340", "reference_id": "RHSA-2024:4340", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4389", "reference_id": "RHSA-2024:4389", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4389" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4469", "reference_id": "RHSA-2024:4469", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4469" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4474", "reference_id": "RHSA-2024:4474", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4474" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4479", "reference_id": "RHSA-2024:4479", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4479" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4484", "reference_id": "RHSA-2024:4484", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4484" }, { "reference_url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html", "reference_id": "sshing_the_masses.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/" } ], "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html" }, { "reference_url": "https://usn.ubuntu.com/6859-1/", "reference_id": "USN-6859-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6859-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933940?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933941?format=api", "purl": "pkg:deb/debian/openssh@1:9.7p1-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.7p1-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6387" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88tp-4d2a-1ydh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88607?format=api", "vulnerability_id": "VCID-9ycq-9rwj-8kav", "summary": "audit logging of failed logins", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3102.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3102.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85607", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.8562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85638", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85645", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85664", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85676", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85691", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85687", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85683", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02629", "scoring_system": "epss", "scoring_elements": "0.85711", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3102" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=243204", "reference_id": "243204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=243204" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0540", "reference_id": "RHSA-2007:0540", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0555", "reference_id": "RHSA-2007:0555", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0555" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0703", "reference_id": "RHSA-2007:0703", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0703" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0737", "reference_id": "RHSA-2007:0737", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0737" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-3102" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ycq-9rwj-8kav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88456?format=api", "vulnerability_id": "VCID-bytd-a69u-dkfv", "summary": "openssh: SO_REUSEADDR insecure for X11 forwarding sockets on some platforms", "references": [ { "reference_url": "http://openssh.com/security.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://openssh.com/security.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3259.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3259.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3259", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0714", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06879", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06983", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07037", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07016", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0707", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07101", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07097", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07087", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07025", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07009", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-3259" }, { "reference_url": "http://secunia.com/advisories/31179", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31179" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43940" }, { "reference_url": "http://www.openssh.com/txt/release-5.1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openssh.com/txt/release-5.1" }, { "reference_url": "http://www.securityfocus.com/bid/30339", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30339" }, { "reference_url": "http://www.securitytracker.com/id?1020537", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020537" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2148", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2148" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=456426", "reference_id": "456426", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=456426" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3259", "reference_id": "CVE-2008-3259", "reference_type": "", "scores": [ { "value": "1.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-3259" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-3259" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bytd-a69u-dkfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75014?format=api", "vulnerability_id": "VCID-c52m-7sh8-eke1", "summary": "openssh: Logic error in ObscureKeystrokeTiming", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39894.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39894.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39894", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86479", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86474", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86459", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86466", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86442", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86424", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02949", "scoring_system": "epss", "scoring_elements": "0.86422", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03028", "scoring_system": "epss", "scoring_elements": "0.86661", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-39894" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html", "reference_id": "000158.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2024/07/02/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2024/07/02/1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076764", "reference_id": "1076764", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295273", "reference_id": "2295273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295273" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/28/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/23/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/23/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/03/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/03/6" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2024/07/23/6", "reference_id": "6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2024/07/23/6" }, { "reference_url": "https://news.ycombinator.com/item?id=41508530", "reference_id": "item?id=41508530", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "https://news.ycombinator.com/item?id=41508530" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240712-0004/", "reference_id": "ntap-20240712-0004", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240712-0004/" }, { "reference_url": "https://www.openssh.com/txt/release-9.8", "reference_id": "release-9.8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "https://www.openssh.com/txt/release-9.8" }, { "reference_url": "https://crzphil.github.io/posts/ssh-obfuscation-bypass/", "reference_id": "ssh-obfuscation-bypass", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/" } ], "url": "https://crzphil.github.io/posts/ssh-obfuscation-bypass/" }, { "reference_url": "https://usn.ubuntu.com/6887-1/", "reference_id": "USN-6887-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6887-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933939?format=api", "purl": "pkg:deb/debian/openssh@1:9.8p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.8p1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-39894" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c52m-7sh8-eke1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47190?format=api", "vulnerability_id": "VCID-cz6k-qmqx-cybc", "summary": "Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26466.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26466.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26466", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.98288", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.98282", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.98281", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.98278", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.98272", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.98273", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.98269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.60426", "scoring_system": "epss", "scoring_elements": "0.9829", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.62871", "scoring_system": "epss", "scoring_elements": "0.98392", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26466" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://seclists.org/oss-sec/2025/q1/144", "reference_id": "144", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/" } ], "url": "https://seclists.org/oss-sec/2025/q1/144" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345043", "reference_id": "2345043", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345043" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4", "reference_id": "cpe:/a:redhat:openshift:4", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26466", "reference_id": "CVE-2025-26466", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26466" }, { "reference_url": "https://security.gentoo.org/glsa/202502-01", "reference_id": "GLSA-202502-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202502-01" }, { "reference_url": "https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt", "reference_id": "openssh-mitm-dos.txt", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/" } ], "url": "https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt" }, { "reference_url": "https://usn.ubuntu.com/7270-1/", "reference_id": "USN-7270-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7270-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933944?format=api", "purl": "pkg:deb/debian/openssh@1:9.9p2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.9p2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26466" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cz6k-qmqx-cybc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86804?format=api", "vulnerability_id": "VCID-daku-ks5y-rbdj", "summary": "openssh: uninitialized variable use in J-PAKE implementation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1692.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93904", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93912", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93921", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93925", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93933", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93937", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.9394", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93941", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93956", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12538", "scoring_system": "epss", "scoring_elements": "0.93962", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1692" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059052", "reference_id": "1059052", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1059052" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-1692" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-daku-ks5y-rbdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103802?format=api", "vulnerability_id": "VCID-dr6k-gpbz-5qcs", "summary": "Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18474", "scoring_system": "epss", "scoring_elements": "0.95203", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18474", "scoring_system": "epss", "scoring_elements": "0.95215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18474", "scoring_system": "epss", "scoring_elements": "0.95217", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95675", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95684", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95687", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95691", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95693", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95701", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95705", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21352", "scoring_system": "epss", "scoring_elements": "0.95706", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1357" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1357" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dr6k-gpbz-5qcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74977?format=api", "vulnerability_id": "VCID-fafq-mggp-cbem", "summary": "openssh: Possible remote code execution due to a race condition in signal handling affecting Red Hat Enterprise Linux 9", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6409.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6409.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98939", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98937", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98938", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98925", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98927", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.9893", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98933", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.76397", "scoring_system": "epss", "scoring_elements": "0.98934", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6409" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295085", "reference_id": "2295085", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295085" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8", "reference_id": "cpe:/a:redhat:openshift:4.13::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9", "reference_id": "cpe:/a:redhat:openshift:4.13::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8", "reference_id": "cpe:/a:redhat:openshift:4.14::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9", "reference_id": "cpe:/a:redhat:openshift:4.14::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8", "reference_id": "cpe:/a:redhat:openshift:4.15::el8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9", "reference_id": "cpe:/a:redhat:openshift:4.15::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9", "reference_id": "cpe:/a:redhat:openshift:4.16::el9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-6409", "reference_id": "CVE-2024-6409", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-6409" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4457", "reference_id": "RHSA-2024:4457", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4457" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4716", "reference_id": "RHSA-2024:4716", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4716" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4910", "reference_id": "RHSA-2024:4910", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4955", "reference_id": "RHSA-2024:4955", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:4955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5444", "reference_id": "RHSA-2024:5444", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:5444" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6409" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fafq-mggp-cbem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/101609?format=api", "vulnerability_id": "VCID-g514-1b64-kudx", "summary": "SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.", "references": [ { "reference_url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0159.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://archives.neohapsis.com/archives/bugtraq/2001-02/0159.html" }, { "reference_url": "http://online.securityfocus.com/bid/2356", "reference_id": "", "reference_type": "", "scores": [], "url": "http://online.securityfocus.com/bid/2356" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2001-1585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55248", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57456", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57478", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57455", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57508", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57512", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57527", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57504", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57485", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57488", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2001-1585" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6084" }, { "reference_url": "http://www.openbsd.org/advisories/ssh_bypass.txt", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/advisories/ssh_bypass.txt" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2001-1585", "reference_id": "CVE-2001-1585", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2001-1585" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2001-1585" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g514-1b64-kudx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77890?format=api", "vulnerability_id": "VCID-h6pg-t5c8-53br", "summary": "openssh: destination constraints only apply to first PKCS#11 key", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51384.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51384.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51384", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11529", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11582", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11371", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11455", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11513", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11523", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11489", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11322", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11445", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51384" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255268", "reference_id": "2255268", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2255268" }, { "reference_url": "https://usn.ubuntu.com/6565-1/", "reference_id": "USN-6565-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6565-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933933?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933938?format=api", "purl": "pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.6p1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-51384" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6pg-t5c8-53br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/151876?format=api", "vulnerability_id": "VCID-hmyj-ztb3-rbhz", "summary": "FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and prevention of new connections) by ending multiple connections before authentication is completed.", "references": [ { "reference_url": "http://packetstormsecurity.com/files/128972/FreeBSD-Security-Advisory-sshd-Denial-Of-Service.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/128972/FreeBSD-Security-Advisory-sshd-Denial-Of-Service.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8475", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79519", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79438", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79444", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79455", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79483", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79491", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79514", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79497", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79487", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79517", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0127", "scoring_system": "epss", "scoring_elements": "0.79515", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-8475" }, { "reference_url": "http://secunia.com/advisories/61440", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/61440" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98491" }, { "reference_url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A24.sshd.asc", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-14%3A24.sshd.asc" }, { "reference_url": "http://www.securityfocus.com/bid/70913", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/70913" }, { "reference_url": "http://www.securitytracker.com/id/1031168", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1031168" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:freebsd:freebsd:9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8475", "reference_id": "CVE-2014-8475", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8475" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-8475" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmyj-ztb3-rbhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34551?format=api", "vulnerability_id": "VCID-jvn2-cgzv-u3fn", "summary": "Multiple vulnerabilities have been found in OpenSSH, the worst of\n which may allow remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673", "reference_id": "", "reference_type": "", "scores": [], "url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63094", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.62971", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.6303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63058", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63023", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.6309", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63107", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63093", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63115", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4478" }, { "reference_url": "http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf" }, { "reference_url": "https://github.com/seb-m/jpake", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/seb-m/jpake" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338" }, { "reference_url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h" }, { "reference_url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=660642", "reference_id": "660642", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=660642" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4478", "reference_id": "CVE-2010-4478", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4478" }, { "reference_url": "https://security.gentoo.org/glsa/201405-06", "reference_id": "GLSA-201405-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-06" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4478" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvn2-cgzv-u3fn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90309?format=api", "vulnerability_id": "VCID-u7hg-g61b-q7fy", "summary": "The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1653.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1653.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59807", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59879", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59929", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59943", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59964", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59948", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.5993", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59969", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59976", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59961", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2004-1653" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2004-1653" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7hg-g61b-q7fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50011?format=api", "vulnerability_id": "VCID-v3yv-r42f-skdr", "summary": "Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28531.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28531.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28531", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.5833", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.59916", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.59902", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.59884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.59923", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.5993", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00388", "scoring_system": "epss", "scoring_elements": "0.59918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.61968", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62017", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.62034", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00421", "scoring_system": "epss", "scoring_elements": "0.61998", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28531" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033166", "reference_id": "1033166", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179334", "reference_id": "2179334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179334" }, { "reference_url": "https://security.gentoo.org/glsa/202307-01", "reference_id": "GLSA-202307-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202307-01" }, { "reference_url": "https://usn.ubuntu.com/6560-1/", "reference_id": "USN-6560-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6560-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933933?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933934?format=api", "purl": "pkg:deb/debian/openssh@1:9.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.3p1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-28531" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v3yv-r42f-skdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103803?format=api", "vulnerability_id": "VCID-wskn-7rs4-xyh6", "summary": "Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88586", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88596", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88614", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88633", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88649", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88642", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88655", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88652", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.8865", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1358" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1358" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wskn-7rs4-xyh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/104160?format=api", "vulnerability_id": "VCID-wvmb-brge-13cq", "summary": "SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1715", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28454", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28548", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28394", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28504", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28461", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28412", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28427", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28405", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28354", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1715" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21398.txt", "reference_id": "CVE-2002-1715;OSVDB-23589", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21398.txt" }, { "reference_url": "https://www.securityfocus.com/bid/4547/info", "reference_id": "CVE-2002-1715;OSVDB-23589", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/4547/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1715" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wvmb-brge-13cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62405?format=api", "vulnerability_id": "VCID-xewq-4k2z-vqgg", "summary": "Multiple vulnerabilities have been found in OpenSSH, the worst of\n which could lead to arbitrary code execution, or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6565.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57043", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.56926", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57023", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57073", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57074", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57085", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57065", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57041", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57069", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57066", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-6565" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252861", "reference_id": "1252861", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1252861" }, { "reference_url": "http://seclists.org/oss-sec/2017/q1/203", "reference_id": "CVE-2015-6565", "reference_type": "exploit", "scores": [], "url": "http://seclists.org/oss-sec/2017/q1/203" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41173.c", "reference_id": "CVE-2015-6565", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41173.c" }, { "reference_url": "https://security.gentoo.org/glsa/201512-04", "reference_id": "GLSA-201512-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201512-04" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-6565" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xewq-4k2z-vqgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103805?format=api", "vulnerability_id": "VCID-zw1g-y15j-fuhf", "summary": "Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88586", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88596", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88614", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88633", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88649", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88642", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88655", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.88652", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04128", "scoring_system": "epss", "scoring_elements": "0.8865", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2002-1360" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933883?format=api", "purl": "pkg:deb/debian/openssh@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933878?format=api", "purl": "pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-b4uc-yh56-muej" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933876?format=api", "purl": "pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-a7m6-uqbt-nqd9" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" }, { "vulnerability": "VCID-wga4-sqwk-4bfj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933880?format=api", "purl": "pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-ajmg-5kgx-k7h5" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933879?format=api", "purl": "pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-792n-jkzj-qqhd" }, { "vulnerability": "VCID-8efr-budq-6bb6" }, { "vulnerability": "VCID-a4eq-r71a-buhm" }, { "vulnerability": "VCID-bnrq-2fsr-mfgd" }, { "vulnerability": "VCID-kgn5-p8kx-qucj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1062514?format=api", "purl": "pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2002-1360" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zw1g-y15j-fuhf" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie" }