Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/jsch@0.1.54-1
purl pkg:deb/debian/jsch@0.1.54-1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-a7zz-d2w6-93ec Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command. CVE-2016-5725
GHSA-q446-82vq-w674

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:54:34.169519+00:00 Debian Oval Importer Fixing VCID-a7zz-d2w6-93ec https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T23:28:51.289329+00:00 Debian Oval Importer Fixing VCID-a7zz-d2w6-93ec https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T23:01:48.216143+00:00 Debian Oval Importer Fixing VCID-a7zz-d2w6-93ec https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0