VulnerableCode Package Details - pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2

Essentials
History (36)

purl	pkg:deb/debian/libssh@0.10.6-0%2Bdeb12u2

Next non-vulnerable version	0.12.0-3
Latest non-vulnerable version	0.12.0-3
Risk	3.1

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-4qxq-4833-s7bd Aliases: CVE-2026-0967	libssh: libssh: Denial of Service via inefficient regular expression processing	0.12.0-3 Affected by 0 other vulnerabilities.
VCID-8zdu-udyx-qkhu Aliases: CVE-2026-0968	libssh: libssh: Denial of Service due to malformed SFTP message	0.12.0-3 Affected by 0 other vulnerabilities.
VCID-hhun-qvy9-pydj Aliases: CVE-2026-0964	libssh: Improper sanitation of paths received from SCP servers	0.12.0-3 Affected by 0 other vulnerabilities.
VCID-p6ex-bypb-n3fg Aliases: CVE-2026-0966	libssh: Buffer underflow in ssh_get_hexa() on invalid input	0.12.0-3 Affected by 0 other vulnerabilities.
VCID-v97m-zm6x-gfga Aliases: CVE-2026-3731	libssh: libssh: Denial of Service via out-of-bounds read in SFTP extension name handler	0.12.0-3 Affected by 0 other vulnerabilities.
VCID-y3hu-uqgn-7uhr Aliases: CVE-2026-0965	libssh: libssh: Denial of Service via improper configuration file handling	0.12.0-3 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (6)

Vulnerability	Summary	Aliases
VCID-12kz-zuqz-9qgy	libssh: NULL Pointer Dereference in libssh KEX Session ID Calculation	CVE-2025-8114
VCID-72cq-k33t-zbhu	libssh: Memory Exhaustion via Repeated Key Exchange in libssh	CVE-2025-8277
VCID-kek1-z4s4-tudn	libssh: Use of uninitialized variable in privatekey_from_file()	CVE-2025-4878
VCID-t8nv-wfbj-13e5	libssh: Write beyond bounds in binary to base64 conversion functions	CVE-2025-4877
VCID-u5ts-n3fz-nud9	libssh: Incorrect Return Code Handling in ssh_kdf() in libssh	CVE-2025-5372
VCID-wgkw-5cae-s3ej	libssh: out-of-bounds read in sftp_handle()	CVE-2025-5318

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:11:05.427134+00:00	Debian Importer	Affected by	VCID-hhun-qvy9-pydj	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:41:01.706522+00:00	Debian Importer	Affected by	VCID-y3hu-uqgn-7uhr	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:52:44.739768+00:00	Debian Importer	Affected by	VCID-8zdu-udyx-qkhu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:34:16.626443+00:00	Debian Importer	Affected by	VCID-v97m-zm6x-gfga	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:07:20.763809+00:00	Debian Importer	Affected by	VCID-4qxq-4833-s7bd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:33:03.152167+00:00	Debian Importer	Affected by	VCID-p6ex-bypb-n3fg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T00:39:00.694220+00:00	Debian Oval Importer	Fixing	VCID-t8nv-wfbj-13e5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:39:25.127490+00:00	Debian Oval Importer	Fixing	VCID-12kz-zuqz-9qgy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:15:26.517011+00:00	Debian Oval Importer	Fixing	VCID-72cq-k33t-zbhu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:00:44.185307+00:00	Debian Oval Importer	Fixing	VCID-wgkw-5cae-s3ej	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:35:36.115538+00:00	Debian Oval Importer	Fixing	VCID-u5ts-n3fz-nud9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:20:56.933883+00:00	Debian Oval Importer	Fixing	VCID-kek1-z4s4-tudn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-13T09:04:20.530191+00:00	Debian Importer	Affected by	VCID-hhun-qvy9-pydj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:41:35.458324+00:00	Debian Importer	Affected by	VCID-y3hu-uqgn-7uhr	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:06:36.555308+00:00	Debian Importer	Affected by	VCID-8zdu-udyx-qkhu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:53:18.011105+00:00	Debian Importer	Affected by	VCID-v97m-zm6x-gfga	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:33:22.336363+00:00	Debian Importer	Affected by	VCID-4qxq-4833-s7bd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:07:26.880478+00:00	Debian Importer	Affected by	VCID-p6ex-bypb-n3fg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-12T00:11:55.597196+00:00	Debian Oval Importer	Fixing	VCID-t8nv-wfbj-13e5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:16:08.842204+00:00	Debian Oval Importer	Fixing	VCID-12kz-zuqz-9qgy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:58:55.666863+00:00	Debian Oval Importer	Fixing	VCID-72cq-k33t-zbhu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:44:50.238948+00:00	Debian Oval Importer	Fixing	VCID-wgkw-5cae-s3ej	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:22:36.282364+00:00	Debian Oval Importer	Fixing	VCID-u5ts-n3fz-nud9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:09:13.407976+00:00	Debian Oval Importer	Fixing	VCID-kek1-z4s4-tudn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:42:58.764066+00:00	Debian Oval Importer	Fixing	VCID-t8nv-wfbj-13e5	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:52:25.382486+00:00	Debian Oval Importer	Fixing	VCID-12kz-zuqz-9qgy	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:02:06.343033+00:00	Debian Importer	Affected by	VCID-hhun-qvy9-pydj	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:47:21.836945+00:00	Debian Importer	Affected by	VCID-y3hu-uqgn-7uhr	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:23:54.593599+00:00	Debian Importer	Affected by	VCID-8zdu-udyx-qkhu	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:14:56.480481+00:00	Debian Importer	Affected by	VCID-v97m-zm6x-gfga	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T19:01:24.001182+00:00	Debian Importer	Affected by	VCID-4qxq-4833-s7bd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:44:02.078641+00:00	Debian Importer	Affected by	VCID-p6ex-bypb-n3fg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-08T18:43:29.525575+00:00	Debian Oval Importer	Fixing	VCID-72cq-k33t-zbhu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:29:53.137431+00:00	Debian Oval Importer	Fixing	VCID-wgkw-5cae-s3ej	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:14:24.563051+00:00	Debian Oval Importer	Fixing	VCID-u5ts-n3fz-nud9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:04:20.615161+00:00	Debian Oval Importer	Fixing	VCID-kek1-z4s4-tudn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0