Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
Typedeb
Namespacedebian
Nameopenssh
Version1:10.3p1-4
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-19z4-v53b-uua4
vulnerability_id VCID-19z4-v53b-uua4
summary The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1908.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1908.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1908
reference_id
reference_type
scores
0
value 0.02368
scoring_system epss
scoring_elements 0.85241
published_at 2026-06-04T12:55:00Z
1
value 0.02368
scoring_system epss
scoring_elements 0.85265
published_at 2026-06-07T12:55:00Z
2
value 0.02368
scoring_system epss
scoring_elements 0.85271
published_at 2026-06-06T12:55:00Z
3
value 0.02368
scoring_system epss
scoring_elements 0.85253
published_at 2026-06-08T12:55:00Z
4
value 0.02368
scoring_system epss
scoring_elements 0.85267
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1908
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1908
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1908
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1034705
reference_id 1034705
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url http://www.securitytracker.com/id/1034705
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1298741
reference_id 1298741
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1298741
6
reference_url http://openwall.com/lists/oss-security/2016/01/15/13
reference_id 13
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url http://openwall.com/lists/oss-security/2016/01/15/13
7
reference_url http://www.securityfocus.com/bid/84427
reference_id 84427
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url http://www.securityfocus.com/bid/84427
8
reference_url https://security.gentoo.org/glsa/201612-18
reference_id GLSA-201612-18
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url https://security.gentoo.org/glsa/201612-18
9
reference_url https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
reference_id ?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c
10
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
11
reference_url http://www.openssh.com/txt/release-7.2
reference_id release-7.2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url http://www.openssh.com/txt/release-7.2
12
reference_url https://access.redhat.com/errata/RHSA-2016:0465
reference_id RHSA-2016:0465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0465
13
reference_url http://rhn.redhat.com/errata/RHSA-2016-0465.html
reference_id RHSA-2016-0465.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url http://rhn.redhat.com/errata/RHSA-2016-0465.html
14
reference_url https://access.redhat.com/errata/RHSA-2016:0741
reference_id RHSA-2016:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0741
15
reference_url http://rhn.redhat.com/errata/RHSA-2016-0741.html
reference_id RHSA-2016-0741.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url http://rhn.redhat.com/errata/RHSA-2016-0741.html
16
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:14:41Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
17
reference_url https://usn.ubuntu.com/2966-1/
reference_id USN-2966-1
reference_type
scores
url https://usn.ubuntu.com/2966-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.2p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.2p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.2p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-1908
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-19z4-v53b-uua4
1
url VCID-1g1a-dx81-fugd
vulnerability_id VCID-1g1a-dx81-fugd
summary The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8325.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8325.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8325
reference_id
reference_type
scores
0
value 0.00079
scoring_system epss
scoring_elements 0.23503
published_at 2026-06-09T12:55:00Z
1
value 0.00079
scoring_system epss
scoring_elements 0.23536
published_at 2026-06-04T12:55:00Z
2
value 0.00079
scoring_system epss
scoring_elements 0.23618
published_at 2026-06-05T12:55:00Z
3
value 0.00079
scoring_system epss
scoring_elements 0.23601
published_at 2026-06-06T12:55:00Z
4
value 0.00079
scoring_system epss
scoring_elements 0.23555
published_at 2026-06-07T12:55:00Z
5
value 0.00079
scoring_system epss
scoring_elements 0.23499
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8325
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv2
scoring_elements AV:L/AC:M/Au:S/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1036487
reference_id 1036487
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url http://www.securitytracker.com/id/1036487
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1328012
reference_id 1328012
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1328012
6
reference_url http://www.securityfocus.com/bid/86187
reference_id 86187
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url http://www.securityfocus.com/bid/86187
7
reference_url https://security-tracker.debian.org/tracker/CVE-2015-8325
reference_id CVE-2015-8325
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url https://security-tracker.debian.org/tracker/CVE-2015-8325
8
reference_url https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html
reference_id CVE-2015-8325.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html
9
reference_url http://www.debian.org/security/2016/dsa-3550
reference_id dsa-3550
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url http://www.debian.org/security/2016/dsa-3550
10
reference_url https://security.gentoo.org/glsa/201612-18
reference_id GLSA-201612-18
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url https://security.gentoo.org/glsa/201612-18
11
reference_url https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
reference_id ?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
12
reference_url https://security.netapp.com/advisory/ntap-20180628-0001/
reference_id ntap-20180628-0001
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url https://security.netapp.com/advisory/ntap-20180628-0001/
13
reference_url https://access.redhat.com/errata/RHSA-2016:2588
reference_id RHSA-2016:2588
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2588
14
reference_url http://rhn.redhat.com/errata/RHSA-2016-2588.html
reference_id RHSA-2016-2588.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url http://rhn.redhat.com/errata/RHSA-2016-2588.html
15
reference_url https://access.redhat.com/errata/RHSA-2017:0641
reference_id RHSA-2017:0641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0641
16
reference_url http://rhn.redhat.com/errata/RHSA-2017-0641.html
reference_id RHSA-2017-0641.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url http://rhn.redhat.com/errata/RHSA-2017-0641.html
17
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-22T14:28:36Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
18
reference_url https://usn.ubuntu.com/2966-1/
reference_id USN-2966-1
reference_type
scores
url https://usn.ubuntu.com/2966-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.2p2-3?distro=trixie
purl pkg:deb/debian/openssh@1:7.2p2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.2p2-3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2015-8325
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1g1a-dx81-fugd
2
url VCID-2259-7fuv-2fdj
vulnerability_id VCID-2259-7fuv-2fdj
summary OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15473.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15473.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-15473
reference_id
reference_type
scores
0
value 0.90356
scoring_system epss
scoring_elements 0.99619
published_at 2026-06-09T12:55:00Z
1
value 0.90356
scoring_system epss
scoring_elements 0.99618
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-15473
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15473
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15473
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1041487
reference_id 1041487
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url http://www.securitytracker.com/id/1041487
5
reference_url http://www.securityfocus.com/bid/105140
reference_id 105140
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url http://www.securityfocus.com/bid/105140
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1619063
reference_id 1619063
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1619063
7
reference_url https://usn.ubuntu.com/3809-1/
reference_id 3809-1
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://usn.ubuntu.com/3809-1/
8
reference_url https://www.exploit-db.com/exploits/45210/
reference_id 45210
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://www.exploit-db.com/exploits/45210/
9
reference_url https://www.exploit-db.com/exploits/45233/
reference_id 45233
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://www.exploit-db.com/exploits/45233/
10
reference_url https://www.exploit-db.com/exploits/45939/
reference_id 45939
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://www.exploit-db.com/exploits/45939/
11
reference_url http://www.openwall.com/lists/oss-security/2018/08/15/5
reference_id 5
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url http://www.openwall.com/lists/oss-security/2018/08/15/5
12
reference_url https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0
reference_id 779974d35b4859c07bc3cb8a12c74b43b0a7d1e0
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0
13
reference_url https://bugs.debian.org/906236
reference_id 906236
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://bugs.debian.org/906236
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906236
reference_id 906236
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906236
15
reference_url https://security.archlinux.org/AVG-763
reference_id AVG-763
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-763
16
reference_url https://bugfuzz.com/stuff/ssh-check-username.py
reference_id CVE-2018-15473
reference_type exploit
scores
url https://bugfuzz.com/stuff/ssh-check-username.py
17
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45210.py
reference_id CVE-2018-15473
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45210.py
18
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45233.py
reference_id CVE-2018-15473
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45233.py
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45939.py
reference_id CVE-2018-15473
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45939.py
20
reference_url https://www.debian.org/security/2018/dsa-4280
reference_id dsa-4280
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://www.debian.org/security/2018/dsa-4280
21
reference_url https://security.gentoo.org/glsa/201810-03
reference_id GLSA-201810-03
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://security.gentoo.org/glsa/201810-03
22
reference_url https://lists.debian.org/debian-lts-announce/2018/08/msg00022.html
reference_id msg00022.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://lists.debian.org/debian-lts-announce/2018/08/msg00022.html
23
reference_url https://security.netapp.com/advisory/ntap-20181101-0001/
reference_id ntap-20181101-0001
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://security.netapp.com/advisory/ntap-20181101-0001/
24
reference_url https://access.redhat.com/errata/RHSA-2019:0711
reference_id RHSA-2019:0711
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://access.redhat.com/errata/RHSA-2019:0711
25
reference_url https://access.redhat.com/errata/RHSA-2019:2143
reference_id RHSA-2019:2143
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://access.redhat.com/errata/RHSA-2019:2143
26
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0011
reference_id SNWLID-2018-0011
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0011
27
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
fixed_packages
0
url pkg:deb/debian/openssh@1:7.7p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:7.7p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.7p1-4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2018-15473
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2259-7fuv-2fdj
3
url VCID-2ew4-fbtw-w3dr
vulnerability_id VCID-2ew4-fbtw-w3dr
summary "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0682.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0682.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0682
reference_id
reference_type
scores
0
value 0.0033
scoring_system epss
scoring_elements 0.56201
published_at 2026-06-04T12:55:00Z
1
value 0.0033
scoring_system epss
scoring_elements 0.56256
published_at 2026-06-05T12:55:00Z
2
value 0.0033
scoring_system epss
scoring_elements 0.56263
published_at 2026-06-06T12:55:00Z
3
value 0.0033
scoring_system epss
scoring_elements 0.5625
published_at 2026-06-07T12:55:00Z
4
value 0.0033
scoring_system epss
scoring_elements 0.56234
published_at 2026-06-08T12:55:00Z
5
value 0.0033
scoring_system epss
scoring_elements 0.56253
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0682
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0682
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617063
reference_id 1617063
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617063
4
reference_url https://access.redhat.com/errata/RHSA-2003:279
reference_id RHSA-2003:279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:279
5
reference_url https://access.redhat.com/errata/RHSA-2003:280
reference_id RHSA-2003:280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:280
fixed_packages
0
url pkg:deb/debian/openssh@1:3.6.1p2-9?distro=trixie
purl pkg:deb/debian/openssh@1:3.6.1p2-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.6.1p2-9%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-0682
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ew4-fbtw-w3dr
4
url VCID-2t48-wgzq-jqdb
vulnerability_id VCID-2t48-wgzq-jqdb
summary Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5794.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5794.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5794
reference_id
reference_type
scores
0
value 0.03013
scoring_system epss
scoring_elements 0.8685
published_at 2026-06-04T12:55:00Z
1
value 0.03013
scoring_system epss
scoring_elements 0.86873
published_at 2026-06-05T12:55:00Z
2
value 0.03013
scoring_system epss
scoring_elements 0.8687
published_at 2026-06-06T12:55:00Z
3
value 0.03013
scoring_system epss
scoring_elements 0.86867
published_at 2026-06-07T12:55:00Z
4
value 0.03013
scoring_system epss
scoring_elements 0.86857
published_at 2026-06-08T12:55:00Z
5
value 0.03013
scoring_system epss
scoring_elements 0.86869
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5794
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5794
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5794
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=214641
reference_id 214641
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=214641
4
reference_url https://access.redhat.com/errata/RHSA-2006:0738
reference_id RHSA-2006:0738
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0738
fixed_packages
0
url pkg:deb/debian/openssh@1:4.3p2-6?distro=trixie
purl pkg:deb/debian/openssh@1:4.3p2-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.3p2-6%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2006-5794
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2t48-wgzq-jqdb
5
url VCID-2ux1-mzk1-hbht
vulnerability_id VCID-2ux1-mzk1-hbht
summary Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3115.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3115.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3115
reference_id
reference_type
scores
0
value 0.50367
scoring_system epss
scoring_elements 0.97891
published_at 2026-06-04T12:55:00Z
1
value 0.50367
scoring_system epss
scoring_elements 0.97896
published_at 2026-06-09T12:55:00Z
2
value 0.50367
scoring_system epss
scoring_elements 0.97895
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3115
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1035249
reference_id 1035249
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://www.securitytracker.com/id/1035249
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1316829
reference_id 1316829
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1316829
6
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178838.html
reference_id 178838.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178838.html
7
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179924.html
reference_id 179924.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179924.html
8
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180491.html
reference_id 180491.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180491.html
9
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183101.html
reference_id 183101.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183101.html
10
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183122.html
reference_id 183122.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183122.html
11
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184264.html
reference_id 184264.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184264.html
12
reference_url https://www.exploit-db.com/exploits/39569/
reference_id 39569
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url https://www.exploit-db.com/exploits/39569/
13
reference_url http://seclists.org/fulldisclosure/2016/Mar/46
reference_id 46
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://seclists.org/fulldisclosure/2016/Mar/46
14
reference_url http://seclists.org/fulldisclosure/2016/Mar/47
reference_id 47
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://seclists.org/fulldisclosure/2016/Mar/47
15
reference_url http://www.securityfocus.com/bid/84314
reference_id 84314
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://www.securityfocus.com/bid/84314
16
reference_url https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115
reference_id cve-2016-3115
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115
17
reference_url https://github.com/tintinweb/pub/tree/e8fe09e2123f07f09e3f8e34fc4e3e58fe804fd4/pocs/cve-2016-3115
reference_id CVE-2016-3115
reference_type exploit
scores
url https://github.com/tintinweb/pub/tree/e8fe09e2123f07f09e3f8e34fc4e3e58fe804fd4/pocs/cve-2016-3115
18
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39569.py
reference_id CVE-2016-3115
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39569.py
19
reference_url https://www.freebsd.org/security/advisories/FreeBSD-SA-16:14.openssh.asc
reference_id FreeBSD-SA-16:14.openssh.asc
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url https://www.freebsd.org/security/advisories/FreeBSD-SA-16:14.openssh.asc
20
reference_url https://security.gentoo.org/glsa/201612-18
reference_id GLSA-201612-18
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url https://security.gentoo.org/glsa/201612-18
21
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
22
reference_url http://packetstormsecurity.com/files/136234/OpenSSH-7.2p1-xauth-Command-Injection-Bypass.html
reference_id OpenSSH-7.2p1-xauth-Command-Injection-Bypass.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://packetstormsecurity.com/files/136234/OpenSSH-7.2p1-xauth-Command-Injection-Bypass.html
23
reference_url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id ovmbulletinjul2016-3090546.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
24
reference_url https://access.redhat.com/errata/RHSA-2016:0465
reference_id RHSA-2016:0465
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0465
25
reference_url http://rhn.redhat.com/errata/RHSA-2016-0465.html
reference_id RHSA-2016-0465.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://rhn.redhat.com/errata/RHSA-2016-0465.html
26
reference_url https://access.redhat.com/errata/RHSA-2016:0466
reference_id RHSA-2016:0466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0466
27
reference_url http://rhn.redhat.com/errata/RHSA-2016-0466.html
reference_id RHSA-2016-0466.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://rhn.redhat.com/errata/RHSA-2016-0466.html
28
reference_url https://bto.bluecoat.com/security-advisory/sa121
reference_id sa121
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url https://bto.bluecoat.com/security-advisory/sa121
29
reference_url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c
reference_id session.c
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c
30
reference_url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&f=h
reference_id session.c.diff?r1=1.281&r2=1.282&f=h
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&f=h
31
reference_url https://usn.ubuntu.com/2966-1/
reference_id USN-2966-1
reference_type
scores
url https://usn.ubuntu.com/2966-1/
32
reference_url http://www.openssh.com/txt/x11fwd.adv
reference_id x11fwd.adv
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:26:37Z/
url http://www.openssh.com/txt/x11fwd.adv
fixed_packages
0
url pkg:deb/debian/openssh@1:7.2p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.2p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.2p2-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-3115
risk_score 10.0
exploitability 2.0
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ux1-mzk1-hbht
6
url VCID-2wag-yq6a-2kg8
vulnerability_id VCID-2wag-yq6a-2kg8
summary The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5600.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5600.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5600
reference_id
reference_type
scores
0
value 0.78359
scoring_system epss
scoring_elements 0.99049
published_at 2026-06-05T12:55:00Z
1
value 0.78359
scoring_system epss
scoring_elements 0.99051
published_at 2026-06-06T12:55:00Z
2
value 0.78359
scoring_system epss
scoring_elements 0.9905
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5600
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600
3
reference_url http://www.securitytracker.com/id/1032988
reference_id 1032988
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://www.securitytracker.com/id/1032988
4
reference_url https://www.arista.com/en/support/advisories-notices/security-advisories/1174-security-advisory-12
reference_id 1174-security-advisory-12
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://www.arista.com/en/support/advisories-notices/security-advisories/1174-security-advisory-12
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1245969
reference_id 1245969
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1245969
6
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html
reference_id 162955.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2015-July/162955.html
7
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
reference_id 165170.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
8
reference_url http://openwall.com/lists/oss-security/2015/07/23/4
reference_id 4
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://openwall.com/lists/oss-security/2015/07/23/4
9
reference_url http://www.securityfocus.com/bid/75990
reference_id 75990
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://www.securityfocus.com/bid/75990
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793616
reference_id 793616
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793616
11
reference_url http://www.securityfocus.com/bid/91787
reference_id 91787
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://www.securityfocus.com/bid/91787
12
reference_url http://seclists.org/fulldisclosure/2015/Jul/92
reference_id 92
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://seclists.org/fulldisclosure/2015/Jul/92
13
reference_url http://www.securityfocus.com/bid/92012
reference_id 92012
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://www.securityfocus.com/bid/92012
14
reference_url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c
reference_id auth2-chall.c
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c
15
reference_url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c.diff?r1=1.42&r2=1.43&f=h
reference_id auth2-chall.c.diff?r1=1.42&r2=1.43&f=h
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth2-chall.c.diff?r1=1.42&r2=1.43&f=h
16
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
reference_id docDisplay?docId=emr_na-c04952480
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952480
17
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128992
reference_id docDisplay?docId=emr_na-c05128992
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05128992
18
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
reference_id docDisplay?docId=emr_na-c05157667
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
19
reference_url https://security.gentoo.org/glsa/201512-04
reference_id GLSA-201512-04
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://security.gentoo.org/glsa/201512-04
20
reference_url https://support.apple.com/kb/HT205031
reference_id HT205031
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://support.apple.com/kb/HT205031
21
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10697
reference_id index?page=content&id=JSA10697
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10697
22
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10136
reference_id index?page=content&id=SB10136
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10136
23
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10157
reference_id index?page=content&id=SB10157
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10157
24
reference_url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
25
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
26
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
27
reference_url https://security.netapp.com/advisory/ntap-20151106-0001/
reference_id ntap-20151106-0001
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://security.netapp.com/advisory/ntap-20151106-0001/
28
reference_url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id ovmbulletinjul2016-3090546.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
29
reference_url https://access.redhat.com/errata/RHSA-2015:2088
reference_id RHSA-2015:2088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2088
30
reference_url https://access.redhat.com/errata/RHSA-2016:0466
reference_id RHSA-2016:0466
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0466
31
reference_url http://rhn.redhat.com/errata/RHSA-2016-0466.html
reference_id RHSA-2016-0466.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://rhn.redhat.com/errata/RHSA-2016-0466.html
32
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
33
reference_url https://usn.ubuntu.com/2710-1/
reference_id USN-2710-1
reference_type
scores
url https://usn.ubuntu.com/2710-1/
34
reference_url http://www.ubuntu.com/usn/USN-2710-1
reference_id USN-2710-1
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://www.ubuntu.com/usn/USN-2710-1
35
reference_url http://www.ubuntu.com/usn/USN-2710-2
reference_id USN-2710-2
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:31:47Z/
url http://www.ubuntu.com/usn/USN-2710-2
fixed_packages
0
url pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2015-5600
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2wag-yq6a-2kg8
7
url VCID-38u7-pvx6-ayb4
vulnerability_id VCID-38u7-pvx6-ayb4
summary 
Improper Validation of Integrity Check Value
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.
references
0
reference_url http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-48795
reference_id
reference_type
scores
0
value 0.52998
scoring_system epss
scoring_elements 0.98011
published_at 2026-06-09T12:55:00Z
1
value 0.54214
scoring_system epss
scoring_elements 0.98065
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-48795
3
reference_url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack
4
reference_url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
5
reference_url https://bugs.gentoo.org/920280
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugs.gentoo.org/920280
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2254210
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2254210
7
reference_url https://bugzilla.suse.com/show_bug.cgi?id=1217950
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://bugzilla.suse.com/show_bug.cgi?id=1217950
8
reference_url https://cert-portal.siemens.com/productcert/html/ssa-082556.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-082556.html
9
reference_url https://cert-portal.siemens.com/productcert/html/ssa-364175.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-364175.html
10
reference_url https://cert-portal.siemens.com/productcert/html/ssa-769027.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-769027.html
11
reference_url https://cert-portal.siemens.com/productcert/html/ssa-794697.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-794697.html
12
reference_url https://cert-portal.siemens.com/productcert/html/ssa-915275.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://cert-portal.siemens.com/productcert/html/ssa-915275.html
13
reference_url https://crates.io/crates/thrussh/versions
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://crates.io/crates/thrussh/versions
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918
18
reference_url http://seclists.org/fulldisclosure/2024/Mar/21
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://seclists.org/fulldisclosure/2024/Mar/21
19
reference_url https://filezilla-project.org/versions.php
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://filezilla-project.org/versions.php
20
reference_url https://forum.netgate.com/topic/184941/terrapin-ssh-attack
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://forum.netgate.com/topic/184941/terrapin-ssh-attack
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/apache/mina-sshd/issues/445
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/apache/mina-sshd/issues/445
23
reference_url https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
24
reference_url https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
25
reference_url https://github.com/cyd01/KiTTY/issues/520
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/cyd01/KiTTY/issues/520
26
reference_url https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
27
reference_url https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
28
reference_url https://github.com/erlang/otp/releases/tag/OTP-26.2.1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/erlang/otp/releases/tag/OTP-26.2.1
29
reference_url https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
30
reference_url https://github.com/hierynomus/sshj/issues/916
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/hierynomus/sshj/issues/916
31
reference_url https://github.com/janmojzis/tinyssh/issues/81
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/janmojzis/tinyssh/issues/81
32
reference_url https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
33
reference_url https://github.com/libssh2/libssh2/pull/1291
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/libssh2/libssh2/pull/1291
34
reference_url https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
35
reference_url https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
36
reference_url https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
37
reference_url https://github.com/mwiede/jsch/issues/457
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/issues/457
38
reference_url https://github.com/mwiede/jsch/pull/461
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/mwiede/jsch/pull/461
39
reference_url https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
40
reference_url https://github.com/NixOS/nixpkgs/pull/275249
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/NixOS/nixpkgs/pull/275249
41
reference_url https://github.com/openssh/openssh-portable/commits/master
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/openssh/openssh-portable/commits/master
42
reference_url https://github.com/paramiko/paramiko/issues/2337
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/paramiko/paramiko/issues/2337
43
reference_url https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773
44
reference_url https://github.com/PowerShell/Win32-OpenSSH/issues/2189
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/PowerShell/Win32-OpenSSH/issues/2189
45
reference_url https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
46
reference_url https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
47
reference_url https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
48
reference_url https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
49
reference_url https://github.com/proftpd/proftpd/issues/456
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/proftpd/proftpd/issues/456
50
reference_url https://github.com/rapier1/hpn-ssh/releases
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/rapier1/hpn-ssh/releases
51
reference_url https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
52
reference_url https://github.com/ronf/asyncssh/tags
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ronf/asyncssh/tags
53
reference_url https://github.com/ssh-mitm/ssh-mitm/issues/165
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/ssh-mitm/ssh-mitm/issues/165
54
reference_url https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
55
reference_url https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
56
reference_url https://github.com/warp-tech/russh
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh
57
reference_url https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951
58
reference_url https://github.com/warp-tech/russh/releases/tag/v0.40.2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/warp-tech/russh/releases/tag/v0.40.2
59
reference_url https://gitlab.com/libssh/libssh-mirror/-/tags
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://gitlab.com/libssh/libssh-mirror/-/tags
60
reference_url https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
61
reference_url https://go.dev/cl/550715
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/cl/550715
62
reference_url https://go.dev/issue/64784
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://go.dev/issue/64784
63
reference_url https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
64
reference_url https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
65
reference_url https://help.panic.com/releasenotes/transmit5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://help.panic.com/releasenotes/transmit5
66
reference_url https://help.panic.com/releasenotes/transmit5/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://help.panic.com/releasenotes/transmit5/
67
reference_url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795
68
reference_url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
69
reference_url https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
70
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html
71
reference_url https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html
72
reference_url https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html
73
reference_url https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
74
reference_url https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html
75
reference_url https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
76
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
77
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS
78
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
79
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
80
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/
81
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
82
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
83
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/
84
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
85
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
86
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
87
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y
88
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/
89
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
90
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
91
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
92
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD
93
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/
94
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
95
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
96
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
97
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/
98
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7
99
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/
100
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
101
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
102
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O
103
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
104
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3
105
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
106
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
107
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
108
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
109
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
110
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB
111
reference_url https://matt.ucc.asn.au/dropbear/CHANGES
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://matt.ucc.asn.au/dropbear/CHANGES
112
reference_url https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
113
reference_url https://news.ycombinator.com/item?id=38684904
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38684904
114
reference_url https://news.ycombinator.com/item?id=38685286
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38685286
115
reference_url https://news.ycombinator.com/item?id=38732005
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://news.ycombinator.com/item?id=38732005
116
reference_url https://nova.app/releases/#v11.8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://nova.app/releases/#v11.8
117
reference_url https://oryx-embedded.com/download/#changelog
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://oryx-embedded.com/download/#changelog
118
reference_url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
119
reference_url https://roumenpetrov.info/secsh/#news20231220
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://roumenpetrov.info/secsh/#news20231220
120
reference_url https://security.gentoo.org/glsa/202312-16
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.gentoo.org/glsa/202312-16
121
reference_url https://security.gentoo.org/glsa/202312-17
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.gentoo.org/glsa/202312-17
122
reference_url https://security.netapp.com/advisory/ntap-20240105-0004
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240105-0004
123
reference_url https://security-tracker.debian.org/tracker/source-package/libssh2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/libssh2
124
reference_url https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
125
reference_url https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
126
reference_url https://support.apple.com/kb/HT214084
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://support.apple.com/kb/HT214084
127
reference_url https://twitter.com/TrueSkrillor/status/1736774389725565005
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://twitter.com/TrueSkrillor/status/1736774389725565005
128
reference_url https://winscp.net/eng/docs/history#6.2.2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://winscp.net/eng/docs/history#6.2.2
129
reference_url https://www.bitvise.com/ssh-client-version-history#933
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.bitvise.com/ssh-client-version-history#933
130
reference_url https://www.bitvise.com/ssh-server-version-history
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.bitvise.com/ssh-server-version-history
131
reference_url https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
132
reference_url https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
133
reference_url https://www.debian.org/security/2023/dsa-5586
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.debian.org/security/2023/dsa-5586
134
reference_url https://www.debian.org/security/2023/dsa-5588
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.debian.org/security/2023/dsa-5588
135
reference_url https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
136
reference_url https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
137
reference_url https://www.netsarang.com/en/xshell-update-history
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.netsarang.com/en/xshell-update-history
138
reference_url https://www.netsarang.com/en/xshell-update-history/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.netsarang.com/en/xshell-update-history/
139
reference_url https://www.openssh.com/openbsd.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openssh.com/openbsd.html
140
reference_url https://www.openssh.com/txt/release-9.6
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openssh.com/txt/release-9.6
141
reference_url https://www.openwall.com/lists/oss-security/2023/12/18/2
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openwall.com/lists/oss-security/2023/12/18/2
142
reference_url https://www.openwall.com/lists/oss-security/2023/12/20/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.openwall.com/lists/oss-security/2023/12/20/3
143
reference_url https://www.paramiko.org/changelog.html
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.paramiko.org/changelog.html
144
reference_url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed
145
reference_url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
146
reference_url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795
147
reference_url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
148
reference_url https://www.terrapin-attack.com
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.terrapin-attack.com
149
reference_url https://www.theregister.com/2023/12/20/terrapin_attack_ssh
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.theregister.com/2023/12/20/terrapin_attack_ssh
150
reference_url https://www.vandyke.com/products/securecrt/history.txt
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://www.vandyke.com/products/securecrt/history.txt
151
reference_url http://www.openwall.com/lists/oss-security/2023/12/18/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/18/3
152
reference_url http://www.openwall.com/lists/oss-security/2023/12/19/5
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/19/5
153
reference_url http://www.openwall.com/lists/oss-security/2023/12/20/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2023/12/20/3
154
reference_url http://www.openwall.com/lists/oss-security/2024/03/06/3
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2024/03/06/3
155
reference_url http://www.openwall.com/lists/oss-security/2024/04/17/8
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url http://www.openwall.com/lists/oss-security/2024/04/17/8
156
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001
reference_id 1059001
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001
157
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002
reference_id 1059002
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002
158
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003
reference_id 1059003
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003
159
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004
reference_id 1059004
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004
160
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005
reference_id 1059005
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005
161
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006
reference_id 1059006
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006
162
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007
reference_id 1059007
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007
163
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058
reference_id 1059058
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058
164
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144
reference_id 1059144
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144
165
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290
reference_id 1059290
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290
166
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294
reference_id 1059294
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294
167
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/
reference_id 33XHJUB6ROFUOH2OQNENFROTVH6MHSHA
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/
168
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/
reference_id 3CAYYW35MUTNO65RVAELICTNZZFMT2XS
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/
169
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/
reference_id 3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/
170
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/
reference_id 6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/
171
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/
reference_id BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/
172
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/
reference_id C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/
173
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/
reference_id CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/
174
reference_url https://access.redhat.com/security/cve/cve-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://access.redhat.com/security/cve/cve-2023-48795
175
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-48795
176
reference_url https://security-tracker.debian.org/tracker/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security-tracker.debian.org/tracker/CVE-2023-48795
177
reference_url https://ubuntu.com/security/CVE-2023-48795
reference_id CVE-2023-48795
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://ubuntu.com/security/CVE-2023-48795
178
reference_url https://thorntech.com/cve-2023-48795-and-sftp-gateway
reference_id CVE-2023-48795-AND-SFTP-GATEWAY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://thorntech.com/cve-2023-48795-and-sftp-gateway
179
reference_url https://thorntech.com/cve-2023-48795-and-sftp-gateway/
reference_id CVE-2023-48795-AND-SFTP-GATEWAY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://thorntech.com/cve-2023-48795-and-sftp-gateway/
180
reference_url https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit
reference_id CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit
181
reference_url https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability
reference_id CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability
182
reference_url https://github.com/advisories/GHSA-45x7-px36-x8w8
reference_id GHSA-45x7-px36-x8w8
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://github.com/advisories/GHSA-45x7-px36-x8w8
183
reference_url https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8
reference_id GHSA-45x7-px36-x8w8
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8
184
reference_url https://security.gentoo.org/glsa/202407-11
reference_id GLSA-202407-11
reference_type
scores
url https://security.gentoo.org/glsa/202407-11
185
reference_url https://security.gentoo.org/glsa/202407-12
reference_id GLSA-202407-12
reference_type
scores
url https://security.gentoo.org/glsa/202407-12
186
reference_url https://security.gentoo.org/glsa/202509-06
reference_id GLSA-202509-06
reference_type
scores
url https://security.gentoo.org/glsa/202509-06
187
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/
reference_id HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/
188
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/
reference_id I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/
189
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/
reference_id KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/
190
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/
reference_id L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/
191
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/
reference_id LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/
192
reference_url https://security.netapp.com/advisory/ntap-20240105-0004/
reference_id ntap-20240105-0004
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/
url https://security.netapp.com/advisory/ntap-20240105-0004/
193
reference_url https://access.redhat.com/errata/RHSA-2023:7197
reference_id RHSA-2023:7197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7197
194
reference_url https://access.redhat.com/errata/RHSA-2023:7198
reference_id RHSA-2023:7198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7198
195
reference_url https://access.redhat.com/errata/RHSA-2023:7201
reference_id RHSA-2023:7201
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7201
196
reference_url https://access.redhat.com/errata/RHSA-2024:0040
reference_id RHSA-2024:0040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0040
197
reference_url https://access.redhat.com/errata/RHSA-2024:0429
reference_id RHSA-2024:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0429
198
reference_url https://access.redhat.com/errata/RHSA-2024:0455
reference_id RHSA-2024:0455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0455
199
reference_url https://access.redhat.com/errata/RHSA-2024:0499
reference_id RHSA-2024:0499
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0499
200
reference_url https://access.redhat.com/errata/RHSA-2024:0538
reference_id RHSA-2024:0538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0538
201
reference_url https://access.redhat.com/errata/RHSA-2024:0594
reference_id RHSA-2024:0594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0594
202
reference_url https://access.redhat.com/errata/RHSA-2024:0606
reference_id RHSA-2024:0606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0606
203
reference_url https://access.redhat.com/errata/RHSA-2024:0625
reference_id RHSA-2024:0625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0625
204
reference_url https://access.redhat.com/errata/RHSA-2024:0628
reference_id RHSA-2024:0628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0628
205
reference_url https://access.redhat.com/errata/RHSA-2024:0766
reference_id RHSA-2024:0766
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0766
206
reference_url https://access.redhat.com/errata/RHSA-2024:0789
reference_id RHSA-2024:0789
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0789
207
reference_url https://access.redhat.com/errata/RHSA-2024:0843
reference_id RHSA-2024:0843
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0843
208
reference_url https://access.redhat.com/errata/RHSA-2024:0880
reference_id RHSA-2024:0880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0880
209
reference_url https://access.redhat.com/errata/RHSA-2024:0954
reference_id RHSA-2024:0954
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0954
210
reference_url https://access.redhat.com/errata/RHSA-2024:1130
reference_id RHSA-2024:1130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1130
211
reference_url https://access.redhat.com/errata/RHSA-2024:1150
reference_id RHSA-2024:1150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1150
212
reference_url https://access.redhat.com/errata/RHSA-2024:1192
reference_id RHSA-2024:1192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1192
213
reference_url https://access.redhat.com/errata/RHSA-2024:1193
reference_id RHSA-2024:1193
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1193
214
reference_url https://access.redhat.com/errata/RHSA-2024:1196
reference_id RHSA-2024:1196
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1196
215
reference_url https://access.redhat.com/errata/RHSA-2024:1197
reference_id RHSA-2024:1197
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1197
216
reference_url https://access.redhat.com/errata/RHSA-2024:1210
reference_id RHSA-2024:1210
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1210
217
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
218
reference_url https://access.redhat.com/errata/RHSA-2024:1557
reference_id RHSA-2024:1557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1557
219
reference_url https://access.redhat.com/errata/RHSA-2024:1859
reference_id RHSA-2024:1859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1859
220
reference_url https://access.redhat.com/errata/RHSA-2024:2728
reference_id RHSA-2024:2728
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2728
221
reference_url https://access.redhat.com/errata/RHSA-2024:2735
reference_id RHSA-2024:2735
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2735
222
reference_url https://access.redhat.com/errata/RHSA-2024:2768
reference_id RHSA-2024:2768
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2768
223
reference_url https://access.redhat.com/errata/RHSA-2024:2988
reference_id RHSA-2024:2988
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2988
224
reference_url https://access.redhat.com/errata/RHSA-2024:3479
reference_id RHSA-2024:3479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3479
225
reference_url https://access.redhat.com/errata/RHSA-2024:3634
reference_id RHSA-2024:3634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3634
226
reference_url https://access.redhat.com/errata/RHSA-2024:3635
reference_id RHSA-2024:3635
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3635
227
reference_url https://access.redhat.com/errata/RHSA-2024:3636
reference_id RHSA-2024:3636
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3636
228
reference_url https://access.redhat.com/errata/RHSA-2024:3918
reference_id RHSA-2024:3918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3918
229
reference_url https://access.redhat.com/errata/RHSA-2024:4010
reference_id RHSA-2024:4010
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4010
230
reference_url https://access.redhat.com/errata/RHSA-2024:4151
reference_id RHSA-2024:4151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4151
231
reference_url https://access.redhat.com/errata/RHSA-2024:4329
reference_id RHSA-2024:4329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4329
232
reference_url https://access.redhat.com/errata/RHSA-2024:4479
reference_id RHSA-2024:4479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4479
233
reference_url https://access.redhat.com/errata/RHSA-2024:4484
reference_id RHSA-2024:4484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4484
234
reference_url https://access.redhat.com/errata/RHSA-2024:4597
reference_id RHSA-2024:4597
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4597
235
reference_url https://access.redhat.com/errata/RHSA-2024:4662
reference_id RHSA-2024:4662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4662
236
reference_url https://access.redhat.com/errata/RHSA-2024:4955
reference_id RHSA-2024:4955
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4955
237
reference_url https://access.redhat.com/errata/RHSA-2024:4959
reference_id RHSA-2024:4959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4959
238
reference_url https://access.redhat.com/errata/RHSA-2024:5200
reference_id RHSA-2024:5200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5200
239
reference_url https://access.redhat.com/errata/RHSA-2024:5432
reference_id RHSA-2024:5432
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5432
240
reference_url https://access.redhat.com/errata/RHSA-2024:5433
reference_id RHSA-2024:5433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5433
241
reference_url https://access.redhat.com/errata/RHSA-2024:5438
reference_id RHSA-2024:5438
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:5438
242
reference_url https://access.redhat.com/errata/RHSA-2024:8235
reference_id RHSA-2024:8235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8235
243
reference_url https://access.redhat.com/errata/RHSA-2025:4664
reference_id RHSA-2025:4664
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4664
244
reference_url https://usn.ubuntu.com/6560-1/
reference_id USN-6560-1
reference_type
scores
url https://usn.ubuntu.com/6560-1/
245
reference_url https://usn.ubuntu.com/6560-2/
reference_id USN-6560-2
reference_type
scores
url https://usn.ubuntu.com/6560-2/
246
reference_url https://usn.ubuntu.com/6561-1/
reference_id USN-6561-1
reference_type
scores
url https://usn.ubuntu.com/6561-1/
247
reference_url https://usn.ubuntu.com/6585-1/
reference_id USN-6585-1
reference_type
scores
url https://usn.ubuntu.com/6585-1/
248
reference_url https://usn.ubuntu.com/6589-1/
reference_id USN-6589-1
reference_type
scores
url https://usn.ubuntu.com/6589-1/
249
reference_url https://usn.ubuntu.com/6598-1/
reference_id USN-6598-1
reference_type
scores
url https://usn.ubuntu.com/6598-1/
250
reference_url https://usn.ubuntu.com/6738-1/
reference_id USN-6738-1
reference_type
scores
url https://usn.ubuntu.com/6738-1/
251
reference_url https://usn.ubuntu.com/7051-1/
reference_id USN-7051-1
reference_type
scores
url https://usn.ubuntu.com/7051-1/
252
reference_url https://usn.ubuntu.com/7292-1/
reference_id USN-7292-1
reference_type
scores
url https://usn.ubuntu.com/7292-1/
253
reference_url https://usn.ubuntu.com/7297-1/
reference_id USN-7297-1
reference_type
scores
url https://usn.ubuntu.com/7297-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.6p1-1%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2023-48795, GHSA-45x7-px36-x8w8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-38u7-pvx6-ayb4
8
url VCID-3u21-gkcv-7kar
vulnerability_id VCID-3u21-gkcv-7kar
summary openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3497.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3497.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-3497
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23856
published_at 2026-06-05T12:55:00Z
1
value 0.00101
scoring_system epss
scoring_elements 0.27317
published_at 2026-06-09T12:55:00Z
2
value 0.00127
scoring_system epss
scoring_elements 0.31667
published_at 2026-06-06T12:55:00Z
3
value 0.00127
scoring_system epss
scoring_elements 0.31597
published_at 2026-06-08T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.31629
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-3497
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3497
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3497
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130595
reference_id 1130595
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130595
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2447085
reference_id 2447085
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2447085
6
reference_url https://www.openwall.com/lists/oss-security/2026/03/12/3
reference_id 3
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-12T19:04:05Z/
url https://www.openwall.com/lists/oss-security/2026/03/12/3
7
reference_url https://ubuntu.com/security/CVE-2026-3497
reference_id CVE-2026-3497
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-12T19:04:05Z/
url https://ubuntu.com/security/CVE-2026-3497
8
reference_url https://access.redhat.com/errata/RHSA-2026:10065
reference_id RHSA-2026:10065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10065
9
reference_url https://access.redhat.com/errata/RHSA-2026:10714
reference_id RHSA-2026:10714
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10714
10
reference_url https://access.redhat.com/errata/RHSA-2026:12071
reference_id RHSA-2026:12071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12071
11
reference_url https://access.redhat.com/errata/RHSA-2026:13750
reference_id RHSA-2026:13750
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13750
12
reference_url https://access.redhat.com/errata/RHSA-2026:13812
reference_id RHSA-2026:13812
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13812
13
reference_url https://access.redhat.com/errata/RHSA-2026:14773
reference_id RHSA-2026:14773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14773
14
reference_url https://access.redhat.com/errata/RHSA-2026:14924
reference_id RHSA-2026:14924
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14924
15
reference_url https://access.redhat.com/errata/RHSA-2026:15087
reference_id RHSA-2026:15087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:15087
16
reference_url https://access.redhat.com/errata/RHSA-2026:15891
reference_id RHSA-2026:15891
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:15891
17
reference_url https://access.redhat.com/errata/RHSA-2026:15893
reference_id RHSA-2026:15893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:15893
18
reference_url https://access.redhat.com/errata/RHSA-2026:16008
reference_id RHSA-2026:16008
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16008
19
reference_url https://access.redhat.com/errata/RHSA-2026:16009
reference_id RHSA-2026:16009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16009
20
reference_url https://access.redhat.com/errata/RHSA-2026:16030
reference_id RHSA-2026:16030
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16030
21
reference_url https://access.redhat.com/errata/RHSA-2026:16174
reference_id RHSA-2026:16174
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16174
22
reference_url https://access.redhat.com/errata/RHSA-2026:17596
reference_id RHSA-2026:17596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:17596
23
reference_url https://access.redhat.com/errata/RHSA-2026:19724
reference_id RHSA-2026:19724
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19724
24
reference_url https://access.redhat.com/errata/RHSA-2026:19725
reference_id RHSA-2026:19725
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19725
25
reference_url https://access.redhat.com/errata/RHSA-2026:20040
reference_id RHSA-2026:20040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20040
26
reference_url https://access.redhat.com/errata/RHSA-2026:20087
reference_id RHSA-2026:20087
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20087
27
reference_url https://access.redhat.com/errata/RHSA-2026:21690
reference_id RHSA-2026:21690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21690
28
reference_url https://access.redhat.com/errata/RHSA-2026:21695
reference_id RHSA-2026:21695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21695
29
reference_url https://access.redhat.com/errata/RHSA-2026:5475
reference_id RHSA-2026:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5475
30
reference_url https://access.redhat.com/errata/RHSA-2026:6461
reference_id RHSA-2026:6461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6461
31
reference_url https://access.redhat.com/errata/RHSA-2026:6462
reference_id RHSA-2026:6462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6462
32
reference_url https://access.redhat.com/errata/RHSA-2026:6463
reference_id RHSA-2026:6463
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6463
33
reference_url https://access.redhat.com/errata/RHSA-2026:7107
reference_id RHSA-2026:7107
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:7107
34
reference_url https://access.redhat.com/errata/RHSA-2026:9415
reference_id RHSA-2026:9415
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9415
35
reference_url https://access.redhat.com/errata/RHSA-2026:9732
reference_id RHSA-2026:9732
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:9732
36
reference_url https://usn.ubuntu.com/8090-1/
reference_id USN-8090-1
reference_type
scores
url https://usn.ubuntu.com/8090-1/
37
reference_url https://usn.ubuntu.com/8090-2/
reference_id USN-8090-2
reference_type
scores
url https://usn.ubuntu.com/8090-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u6?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u6%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie
purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
8
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2026-3497
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3u21-gkcv-7kar
9
url VCID-4tp2-hhz3-j3gf
vulnerability_id VCID-4tp2-hhz3-j3gf
summary openssh: destination constraints only apply to first PKCS#11 key
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51384.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51384.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-51384
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03154
published_at 2026-06-09T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03233
published_at 2026-06-05T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03242
published_at 2026-06-06T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.032
published_at 2026-06-07T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03181
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-51384
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2255268
reference_id 2255268
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2255268
4
reference_url https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
reference_id 881d9c6af9da4257c69c327c4e2f1508b2fa754b
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-18T20:51:36Z/
url https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b
5
reference_url https://security.netapp.com/advisory/ntap-20240105-0005/
reference_id ntap-20240105-0005
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-18T20:51:36Z/
url https://security.netapp.com/advisory/ntap-20240105-0005/
6
reference_url https://usn.ubuntu.com/6565-1/
reference_id USN-6565-1
reference_type
scores
url https://usn.ubuntu.com/6565-1/
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.6p1-1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2023-51384
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4tp2-hhz3-j3gf
10
url VCID-53k3-fxvv-yyh1
vulnerability_id VCID-53k3-fxvv-yyh1
summary Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1360
reference_id
reference_type
scores
0
value 0.04128
scoring_system epss
scoring_elements 0.88832
published_at 2026-06-04T12:55:00Z
1
value 0.04128
scoring_system epss
scoring_elements 0.8885
published_at 2026-06-06T12:55:00Z
2
value 0.04128
scoring_system epss
scoring_elements 0.88847
published_at 2026-06-08T12:55:00Z
3
value 0.04128
scoring_system epss
scoring_elements 0.88864
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1360
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-1360
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-53k3-fxvv-yyh1
11
url VCID-54w3-fjv7-33d8
vulnerability_id VCID-54w3-fjv7-33d8
summary OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0883.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-0883
reference_id
reference_type
scores
0
value 0.01974
scoring_system epss
scoring_elements 0.83872
published_at 2026-06-04T12:55:00Z
1
value 0.01974
scoring_system epss
scoring_elements 0.83895
published_at 2026-06-05T12:55:00Z
2
value 0.01974
scoring_system epss
scoring_elements 0.83898
published_at 2026-06-09T12:55:00Z
3
value 0.01974
scoring_system epss
scoring_elements 0.83893
published_at 2026-06-07T12:55:00Z
4
value 0.01974
scoring_system epss
scoring_elements 0.83883
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-0883
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0883
fixed_packages
0
url pkg:deb/debian/openssh@1:3.8.1p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:3.8.1p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.8.1p1-4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2006-0883
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-54w3-fjv7-33d8
12
url VCID-55nm-g9f8-qfeh
vulnerability_id VCID-55nm-g9f8-qfeh
summary The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1907
reference_id
reference_type
scores
0
value 0.00538
scoring_system epss
scoring_elements 0.67906
published_at 2026-06-04T12:55:00Z
1
value 0.00538
scoring_system epss
scoring_elements 0.67946
published_at 2026-06-09T12:55:00Z
2
value 0.00538
scoring_system epss
scoring_elements 0.67953
published_at 2026-06-06T12:55:00Z
3
value 0.00538
scoring_system epss
scoring_elements 0.67943
published_at 2026-06-07T12:55:00Z
4
value 0.00538
scoring_system epss
scoring_elements 0.67931
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1907
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1298746
reference_id 1298746
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1298746
4
reference_url https://usn.ubuntu.com/2966-1/
reference_id USN-2966-1
reference_type
scores
url https://usn.ubuntu.com/2966-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.1p2-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-1907
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-55nm-g9f8-qfeh
13
url VCID-58wb-69t3-jffz
vulnerability_id VCID-58wb-69t3-jffz
summary OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35388.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35388.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35388
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03229
published_at 2026-06-05T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03176
published_at 2026-06-08T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03196
published_at 2026-06-07T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03238
published_at 2026-06-06T12:55:00Z
4
value 0.00017
scoring_system epss
scoring_elements 0.04472
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35388
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35388
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35388
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132575
reference_id 1132575
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132575
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454500
reference_id 2454500
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454500
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:46:05Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:46:05Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 2.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:46:05Z/
url https://www.openssh.org/releasenotes.html#10.3p1
9
reference_url https://access.redhat.com/errata/RHSA-2026:12389
reference_id RHSA-2026:12389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12389
10
reference_url https://access.redhat.com/errata/RHSA-2026:13380
reference_id RHSA-2026:13380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13380
11
reference_url https://access.redhat.com/errata/RHSA-2026:13381
reference_id RHSA-2026:13381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13381
12
reference_url https://access.redhat.com/errata/RHSA-2026:13383
reference_id RHSA-2026:13383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13383
13
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
14
reference_url https://access.redhat.com/errata/RHSA-2026:16059
reference_id RHSA-2026:16059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16059
15
reference_url https://access.redhat.com/errata/RHSA-2026:19069
reference_id RHSA-2026:19069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19069
16
reference_url https://access.redhat.com/errata/RHSA-2026:19219
reference_id RHSA-2026:19219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19219
17
reference_url https://access.redhat.com/errata/RHSA-2026:21275
reference_id RHSA-2026:21275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21275
18
reference_url https://access.redhat.com/errata/RHSA-2026:21298
reference_id RHSA-2026:21298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21298
19
reference_url https://access.redhat.com/errata/RHSA-2026:21398
reference_id RHSA-2026:21398
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21398
20
reference_url https://access.redhat.com/errata/RHSA-2026:22329
reference_id RHSA-2026:22329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22329
21
reference_url https://access.redhat.com/errata/RHSA-2026:22564
reference_id RHSA-2026:22564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22564
22
reference_url https://access.redhat.com/errata/RHSA-2026:22648
reference_id RHSA-2026:22648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22648
23
reference_url https://usn.ubuntu.com/8222-1/
reference_id USN-8222-1
reference_type
scores
url https://usn.ubuntu.com/8222-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u7%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u3%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2026-35388
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58wb-69t3-jffz
14
url VCID-5ckc-fda4-dbdk
vulnerability_id VCID-5ckc-fda4-dbdk
summary privilege escalation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-41617
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.51011
published_at 2026-06-04T12:55:00Z
1
value 0.00274
scoring_system epss
scoring_elements 0.51045
published_at 2026-06-09T12:55:00Z
2
value 0.00274
scoring_system epss
scoring_elements 0.51056
published_at 2026-06-07T12:55:00Z
3
value 0.00274
scoring_system epss
scoring_elements 0.51026
published_at 2026-06-08T12:55:00Z
4
value 0.00274
scoring_system epss
scoring_elements 0.51073
published_at 2026-06-05T12:55:00Z
5
value 0.00274
scoring_system epss
scoring_elements 0.51078
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-41617
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2008291
reference_id 2008291
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2008291
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130
reference_id 995130
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130
6
reference_url https://security.archlinux.org/AVG-2422
reference_id AVG-2422
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2422
7
reference_url https://access.redhat.com/errata/RHSA-2021:4782
reference_id RHSA-2021:4782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:4782
8
reference_url https://access.redhat.com/errata/RHSA-2022:2013
reference_id RHSA-2022:2013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2013
9
reference_url https://usn.ubuntu.com/5666-1/
reference_id USN-5666-1
reference_type
scores
url https://usn.ubuntu.com/5666-1/
10
reference_url https://usn.ubuntu.com/6565-1/
reference_id USN-6565-1
reference_type
scores
url https://usn.ubuntu.com/6565-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.7p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:8.7p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.7p1-1%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2021-41617
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ckc-fda4-dbdk
15
url VCID-5zpy-kayq-hbcb
vulnerability_id VCID-5zpy-kayq-hbcb
summary authentication bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6387.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6387
reference_id
reference_type
scores
0
value 0.58898
scoring_system epss
scoring_elements 0.98258
published_at 2026-06-06T12:55:00Z
1
value 0.62675
scoring_system epss
scoring_elements 0.98402
published_at 2026-06-07T12:55:00Z
2
value 0.63835
scoring_system epss
scoring_elements 0.98447
published_at 2026-06-05T12:55:00Z
3
value 0.65792
scoring_system epss
scoring_elements 0.98524
published_at 2026-06-09T12:55:00Z
4
value 0.65792
scoring_system epss
scoring_elements 0.98525
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6387
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2294604
reference_id 2294604
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2294604
4
reference_url https://security.archlinux.org/ASA-202407-1
reference_id ASA-202407-1
reference_type
scores
url https://security.archlinux.org/ASA-202407-1
5
reference_url https://security.archlinux.org/AVG-2855
reference_id AVG-2855
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2855
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
reference_id cpe:/a:redhat:ceph_storage:5
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:5
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
reference_id cpe:/a:redhat:ceph_storage:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:6
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
reference_id cpe:/a:redhat:ceph_storage:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
26
reference_url https://access.redhat.com/security/cve/CVE-2024-6387
reference_id CVE-2024-6387
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/security/cve/CVE-2024-6387
27
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/52269.c
reference_id CVE-2024-6387
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/52269.c
28
reference_url https://security.gentoo.org/glsa/202407-09
reference_id GLSA-202407-09
reference_type
scores
url https://security.gentoo.org/glsa/202407-09
29
reference_url https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
reference_id regresshion.txt
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
30
reference_url https://www.openssh.com/txt/release-9.8
reference_id release-9.8
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://www.openssh.com/txt/release-9.8
31
reference_url https://access.redhat.com/errata/RHSA-2024:4312
reference_id RHSA-2024:4312
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/errata/RHSA-2024:4312
32
reference_url https://access.redhat.com/errata/RHSA-2024:4340
reference_id RHSA-2024:4340
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/errata/RHSA-2024:4340
33
reference_url https://access.redhat.com/errata/RHSA-2024:4389
reference_id RHSA-2024:4389
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/errata/RHSA-2024:4389
34
reference_url https://access.redhat.com/errata/RHSA-2024:4469
reference_id RHSA-2024:4469
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/errata/RHSA-2024:4469
35
reference_url https://access.redhat.com/errata/RHSA-2024:4474
reference_id RHSA-2024:4474
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/errata/RHSA-2024:4474
36
reference_url https://access.redhat.com/errata/RHSA-2024:4479
reference_id RHSA-2024:4479
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/errata/RHSA-2024:4479
37
reference_url https://access.redhat.com/errata/RHSA-2024:4484
reference_id RHSA-2024:4484
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://access.redhat.com/errata/RHSA-2024:4484
38
reference_url https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
reference_id sshing_the_masses.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-02T13:18:34Z/
url https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
39
reference_url https://usn.ubuntu.com/6859-1/
reference_id USN-6859-1
reference_type
scores
url https://usn.ubuntu.com/6859-1/
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:9.7p1-7?distro=trixie
purl pkg:deb/debian/openssh@1:9.7p1-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.7p1-7%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2024-6387
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zpy-kayq-hbcb
16
url VCID-64wx-gfxs-yqg3
vulnerability_id VCID-64wx-gfxs-yqg3
summary OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution because of an error in the XMSS key parsing algorithm. NOTE: the XMSS implementation is considered experimental in all released OpenSSH versions, and there is no supported way to enable it when building portable OpenSSH.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-16905
reference_id
reference_type
scores
0
value 0.00271
scoring_system epss
scoring_elements 0.5074
published_at 2026-06-04T12:55:00Z
1
value 0.00271
scoring_system epss
scoring_elements 0.50801
published_at 2026-06-05T12:55:00Z
2
value 0.00271
scoring_system epss
scoring_elements 0.50806
published_at 2026-06-06T12:55:00Z
3
value 0.00271
scoring_system epss
scoring_elements 0.50785
published_at 2026-06-07T12:55:00Z
4
value 0.00271
scoring_system epss
scoring_elements 0.50755
published_at 2026-06-08T12:55:00Z
5
value 0.00271
scoring_system epss
scoring_elements 0.5077
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-16905
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1767966
reference_id 1767966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1767966
4
reference_url https://security.gentoo.org/glsa/201911-01
reference_id GLSA-201911-01
reference_type
scores
url https://security.gentoo.org/glsa/201911-01
fixed_packages
0
url pkg:deb/debian/openssh@1:8.1p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:8.1p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.1p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2019-16905
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64wx-gfxs-yqg3
17
url VCID-6smw-xrsp-wkbk
vulnerability_id VCID-6smw-xrsp-wkbk
summary OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2001-1507.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2001-1507.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2001-1507
reference_id
reference_type
scores
0
value 0.00901
scoring_system epss
scoring_elements 0.76054
published_at 2026-06-04T12:55:00Z
1
value 0.00901
scoring_system epss
scoring_elements 0.76079
published_at 2026-06-06T12:55:00Z
2
value 0.00901
scoring_system epss
scoring_elements 0.76072
published_at 2026-06-07T12:55:00Z
3
value 0.00901
scoring_system epss
scoring_elements 0.76058
published_at 2026-06-08T12:55:00Z
4
value 0.00901
scoring_system epss
scoring_elements 0.76083
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2001-1507
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1507
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1507
fixed_packages
0
url pkg:deb/debian/openssh@1:3.0.1?distro=trixie
purl pkg:deb/debian/openssh@1:3.0.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.0.1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2001-1507
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6smw-xrsp-wkbk
18
url VCID-6vhg-94bc-3kgp
vulnerability_id VCID-6vhg-94bc-3kgp
summary OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0190.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0190.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0190
reference_id
reference_type
scores
0
value 0.20579
scoring_system epss
scoring_elements 0.95687
published_at 2026-06-04T12:55:00Z
1
value 0.20579
scoring_system epss
scoring_elements 0.95693
published_at 2026-06-05T12:55:00Z
2
value 0.20579
scoring_system epss
scoring_elements 0.95697
published_at 2026-06-06T12:55:00Z
3
value 0.20579
scoring_system epss
scoring_elements 0.95698
published_at 2026-06-08T12:55:00Z
4
value 0.20579
scoring_system epss
scoring_elements 0.95702
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0190
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0190
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0190
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616997
reference_id 1616997
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616997
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=196413
reference_id 196413
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=196413
5
reference_url http://lab.mediaservice.net/advisory/2003-01-openssh.txt
reference_id OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url http://lab.mediaservice.net/advisory/2003-01-openssh.txt
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25.c
reference_id OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25.c
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26.sh
reference_id OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26.sh
8
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/3303.sh
reference_id OSVDB-32721;CVE-2006-5229;OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/3303.sh
9
reference_url https://access.redhat.com/errata/RHSA-2003:222
reference_id RHSA-2003:222
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:222
10
reference_url https://access.redhat.com/errata/RHSA-2003:224
reference_id RHSA-2003:224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:224
11
reference_url https://usn.ubuntu.com/34-1/
reference_id USN-34-1
reference_type
scores
url https://usn.ubuntu.com/34-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4?distro=trixie
purl pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-0190
risk_score 0.4
exploitability 2.0
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6vhg-94bc-3kgp
19
url VCID-73kr-3f75-5kb4
vulnerability_id VCID-73kr-3f75-5kb4
summary openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61985.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61985.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61985
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.19312
published_at 2026-06-09T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19413
published_at 2026-06-05T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19407
published_at 2026-06-06T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19362
published_at 2026-06-07T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19291
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61985
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61985
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61985
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.openwall.com/lists/oss-security/2025/10/06/1
reference_id 1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T18:33:49Z/
url https://www.openwall.com/lists/oss-security/2025/10/06/1
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117530
reference_id 1117530
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117530
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401962
reference_id 2401962
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401962
7
reference_url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
reference_id ?l=openssh-unix-dev&m=175974522032149&w=2
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T18:33:49Z/
url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
8
reference_url https://www.openssh.com/releasenotes.html#10.1p1
reference_id releasenotes.html#10.1p1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-06T18:33:49Z/
url https://www.openssh.com/releasenotes.html#10.1p1
9
reference_url https://access.redhat.com/errata/RHSA-2025:23479
reference_id RHSA-2025:23479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23479
10
reference_url https://access.redhat.com/errata/RHSA-2025:23480
reference_id RHSA-2025:23480
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23480
11
reference_url https://access.redhat.com/errata/RHSA-2025:23481
reference_id RHSA-2025:23481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23481
12
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
13
reference_url https://access.redhat.com/errata/RHSA-2026:0685
reference_id RHSA-2026:0685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0685
14
reference_url https://access.redhat.com/errata/RHSA-2026:0693
reference_id RHSA-2026:0693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0693
15
reference_url https://access.redhat.com/errata/RHSA-2026:0976
reference_id RHSA-2026:0976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0976
16
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
17
reference_url https://access.redhat.com/errata/RHSA-2026:1678
reference_id RHSA-2026:1678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1678
18
reference_url https://access.redhat.com/errata/RHSA-2026:1790
reference_id RHSA-2026:1790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1790
19
reference_url https://access.redhat.com/errata/RHSA-2026:1815
reference_id RHSA-2026:1815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1815
20
reference_url https://access.redhat.com/errata/RHSA-2026:1858
reference_id RHSA-2026:1858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1858
21
reference_url https://access.redhat.com/errata/RHSA-2026:5475
reference_id RHSA-2026:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5475
22
reference_url https://usn.ubuntu.com/8090-1/
reference_id USN-8090-1
reference_type
scores
url https://usn.ubuntu.com/8090-1/
23
reference_url https://usn.ubuntu.com/8090-2/
reference_id USN-8090-2
reference_type
scores
url https://usn.ubuntu.com/8090-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u7%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.1p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.1p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.1p1-1%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
8
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2025-61985
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73kr-3f75-5kb4
20
url VCID-73vv-rns1-8qcj
vulnerability_id VCID-73vv-rns1-8qcj
summary OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3259.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-3259.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-3259
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.0761
published_at 2026-06-04T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07644
published_at 2026-06-05T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07654
published_at 2026-06-06T12:55:00Z
3
value 0.00025
scoring_system epss
scoring_elements 0.07631
published_at 2026-06-07T12:55:00Z
4
value 0.00025
scoring_system epss
scoring_elements 0.07583
published_at 2026-06-08T12:55:00Z
5
value 0.00025
scoring_system epss
scoring_elements 0.07592
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-3259
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=456426
reference_id 456426
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=456426
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2008-3259
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73vv-rns1-8qcj
21
url VCID-7g2y-6r3w-wbg1
vulnerability_id VCID-7g2y-6r3w-wbg1
summary openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32728
reference_id
reference_type
scores
0
value 0.00226
scoring_system epss
scoring_elements 0.45443
published_at 2026-06-09T12:55:00Z
1
value 0.00226
scoring_system epss
scoring_elements 0.45471
published_at 2026-06-05T12:55:00Z
2
value 0.00226
scoring_system epss
scoring_elements 0.45474
published_at 2026-06-06T12:55:00Z
3
value 0.00226
scoring_system epss
scoring_elements 0.45454
published_at 2026-06-07T12:55:00Z
4
value 0.00226
scoring_system epss
scoring_elements 0.45429
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32728
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig
reference_id 013_ssh.patch.sig
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig
5
reference_url https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html
reference_id 041879.html
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603
reference_id 1102603
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2358767
reference_id 2358767
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2358767
8
reference_url https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367
reference_id fc86875e6acb36401dfc1dfb6b628a9d1460f367
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367
9
reference_url https://www.openssh.com/txt/release-10.0
reference_id release-10.0
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://www.openssh.com/txt/release-10.0
10
reference_url https://www.openssh.com/txt/release-7.4
reference_id release-7.4
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/
url https://www.openssh.com/txt/release-7.4
11
reference_url https://access.redhat.com/errata/RHSA-2025:20126
reference_id RHSA-2025:20126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:20126
12
reference_url https://usn.ubuntu.com/7457-1/
reference_id USN-7457-1
reference_type
scores
url https://usn.ubuntu.com/7457-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u5?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u5%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u6?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u6%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2025-32728
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7g2y-6r3w-wbg1
22
url VCID-7ktb-xahq-pfaw
vulnerability_id VCID-7ktb-xahq-pfaw
summary The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0787.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0787.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0787
reference_id
reference_type
scores
0
value 0.00463
scoring_system epss
scoring_elements 0.64639
published_at 2026-06-04T12:55:00Z
1
value 0.00463
scoring_system epss
scoring_elements 0.6468
published_at 2026-06-05T12:55:00Z
2
value 0.00463
scoring_system epss
scoring_elements 0.64689
published_at 2026-06-06T12:55:00Z
3
value 0.00463
scoring_system epss
scoring_elements 0.64678
published_at 2026-06-07T12:55:00Z
4
value 0.00463
scoring_system epss
scoring_elements 0.64668
published_at 2026-06-08T12:55:00Z
5
value 0.00463
scoring_system epss
scoring_elements 0.64686
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0787
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0787
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0787
fixed_packages
0
url pkg:deb/debian/openssh@1:3.7.1p2?distro=trixie
purl pkg:deb/debian/openssh@1:3.7.1p2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.7.1p2%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-0787
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ktb-xahq-pfaw
23
url VCID-8vs2-1ky3-83c4
vulnerability_id VCID-8vs2-1ky3-83c4
summary OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35387.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35387
reference_id
reference_type
scores
0
value 0.00052
scoring_system epss
scoring_elements 0.1678
published_at 2026-06-05T12:55:00Z
1
value 0.00052
scoring_system epss
scoring_elements 0.16659
published_at 2026-06-08T12:55:00Z
2
value 0.00052
scoring_system epss
scoring_elements 0.1674
published_at 2026-06-07T12:55:00Z
3
value 0.00052
scoring_system epss
scoring_elements 0.16776
published_at 2026-06-06T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19167
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35387
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132574
reference_id 1132574
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132574
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454494
reference_id 2454494
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454494
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:07:49Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:07:49Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-03T13:07:49Z/
url https://www.openssh.org/releasenotes.html#10.3p1
9
reference_url https://access.redhat.com/errata/RHSA-2026:12389
reference_id RHSA-2026:12389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12389
10
reference_url https://access.redhat.com/errata/RHSA-2026:13380
reference_id RHSA-2026:13380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13380
11
reference_url https://access.redhat.com/errata/RHSA-2026:13381
reference_id RHSA-2026:13381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13381
12
reference_url https://access.redhat.com/errata/RHSA-2026:13383
reference_id RHSA-2026:13383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13383
13
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
14
reference_url https://access.redhat.com/errata/RHSA-2026:16059
reference_id RHSA-2026:16059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16059
15
reference_url https://access.redhat.com/errata/RHSA-2026:19069
reference_id RHSA-2026:19069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19069
16
reference_url https://access.redhat.com/errata/RHSA-2026:19219
reference_id RHSA-2026:19219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19219
17
reference_url https://access.redhat.com/errata/RHSA-2026:21275
reference_id RHSA-2026:21275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21275
18
reference_url https://access.redhat.com/errata/RHSA-2026:21298
reference_id RHSA-2026:21298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21298
19
reference_url https://access.redhat.com/errata/RHSA-2026:21398
reference_id RHSA-2026:21398
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21398
20
reference_url https://access.redhat.com/errata/RHSA-2026:22329
reference_id RHSA-2026:22329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22329
21
reference_url https://access.redhat.com/errata/RHSA-2026:22564
reference_id RHSA-2026:22564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22564
22
reference_url https://access.redhat.com/errata/RHSA-2026:22648
reference_id RHSA-2026:22648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22648
23
reference_url https://usn.ubuntu.com/8222-1/
reference_id USN-8222-1
reference_type
scores
url https://usn.ubuntu.com/8222-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u7%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u3%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2026-35387
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vs2-1ky3-83c4
24
url VCID-9pvx-jhw9-9qh8
vulnerability_id VCID-9pvx-jhw9-9qh8
summary Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0175.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0175.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0175
reference_id
reference_type
scores
0
value 0.00385
scoring_system epss
scoring_elements 0.60026
published_at 2026-06-04T12:55:00Z
1
value 0.00385
scoring_system epss
scoring_elements 0.60073
published_at 2026-06-05T12:55:00Z
2
value 0.00385
scoring_system epss
scoring_elements 0.60076
published_at 2026-06-06T12:55:00Z
3
value 0.00385
scoring_system epss
scoring_elements 0.60064
published_at 2026-06-07T12:55:00Z
4
value 0.00385
scoring_system epss
scoring_elements 0.60047
published_at 2026-06-08T12:55:00Z
5
value 0.00385
scoring_system epss
scoring_elements 0.60065
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0175
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0175
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0175
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617166
reference_id 1617166
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617166
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=270770
reference_id 270770
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=270770
5
reference_url https://access.redhat.com/errata/RHSA-2005:074
reference_id RHSA-2005:074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:074
6
reference_url https://access.redhat.com/errata/RHSA-2005:106
reference_id RHSA-2005:106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:106
7
reference_url https://access.redhat.com/errata/RHSA-2005:165
reference_id RHSA-2005:165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:165
8
reference_url https://access.redhat.com/errata/RHSA-2005:481
reference_id RHSA-2005:481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:481
9
reference_url https://access.redhat.com/errata/RHSA-2005:495
reference_id RHSA-2005:495
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:495
10
reference_url https://access.redhat.com/errata/RHSA-2005:562
reference_id RHSA-2005:562
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:562
11
reference_url https://access.redhat.com/errata/RHSA-2005:567
reference_id RHSA-2005:567
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:567
fixed_packages
0
url pkg:deb/debian/openssh@1:3.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:3.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2004-0175
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9pvx-jhw9-9qh8
25
url VCID-bakg-yahy-qybz
vulnerability_id VCID-bakg-yahy-qybz
summary Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6564.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6564.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6564
reference_id
reference_type
scores
0
value 0.04032
scoring_system epss
scoring_elements 0.88696
published_at 2026-06-04T12:55:00Z
1
value 0.04139
scoring_system epss
scoring_elements 0.88876
published_at 2026-06-09T12:55:00Z
2
value 0.04139
scoring_system epss
scoring_elements 0.88862
published_at 2026-06-06T12:55:00Z
3
value 0.04139
scoring_system epss
scoring_elements 0.88859
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6564
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6564
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6564
3
reference_url http://www.openwall.com/lists/oss-security/2015/08/22/1
reference_id 1
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url http://www.openwall.com/lists/oss-security/2015/08/22/1
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1252852
reference_id 1252852
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1252852
5
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
reference_id 165170.html
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
6
reference_url http://seclists.org/fulldisclosure/2015/Aug/54
reference_id 54
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url http://seclists.org/fulldisclosure/2015/Aug/54
7
reference_url https://github.com/openssh/openssh-portable/commit/5e75f5198769056089fb06c4d738ab0e5abc66f7
reference_id 5e75f5198769056089fb06c4d738ab0e5abc66f7
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url https://github.com/openssh/openssh-portable/commit/5e75f5198769056089fb06c4d738ab0e5abc66f7
8
reference_url http://www.securityfocus.com/bid/76317
reference_id 76317
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url http://www.securityfocus.com/bid/76317
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711
reference_id 795711
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711
10
reference_url https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-764
reference_id brocade-security-advisory-2019-764
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-764
11
reference_url https://security.gentoo.org/glsa/201512-04
reference_id GLSA-201512-04
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url https://security.gentoo.org/glsa/201512-04
12
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10136
reference_id index?page=content&id=SB10136
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10136
13
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
14
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
15
reference_url http://www.openssh.com/txt/release-7.0
reference_id release-7.0
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url http://www.openssh.com/txt/release-7.0
16
reference_url https://access.redhat.com/errata/RHSA-2015:2088
reference_id RHSA-2015:2088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2088
17
reference_url https://access.redhat.com/errata/RHSA-2016:0741
reference_id RHSA-2016:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0741
18
reference_url http://rhn.redhat.com/errata/RHSA-2016-0741.html
reference_id RHSA-2016-0741.html
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url http://rhn.redhat.com/errata/RHSA-2016-0741.html
19
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:18:01Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
fixed_packages
0
url pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2015-6564
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bakg-yahy-qybz
26
url VCID-bcqb-6d9v-77ax
vulnerability_id VCID-bcqb-6d9v-77ax
summary Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0640.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0640.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-0640
reference_id
reference_type
scores
0
value 0.66963
scoring_system epss
scoring_elements 0.98569
published_at 2026-06-04T12:55:00Z
1
value 0.66963
scoring_system epss
scoring_elements 0.98571
published_at 2026-06-08T12:55:00Z
2
value 0.66963
scoring_system epss
scoring_elements 0.9857
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-0640
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0640
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0640
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616784
reference_id 1616784
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616784
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21578.txt
reference_id CVE-2002-0640;OSVDB-839
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21578.txt
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21579.txt
reference_id CVE-2002-0640;OSVDB-839
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/remote/21579.txt
7
reference_url https://www.securityfocus.com/bid/5093/info
reference_id CVE-2002-0640;OSVDB-839
reference_type exploit
scores
url https://www.securityfocus.com/bid/5093/info
8
reference_url https://access.redhat.com/errata/RHSA-2002:127
reference_id RHSA-2002:127
reference_type
scores
url https://access.redhat.com/errata/RHSA-2002:127
9
reference_url https://access.redhat.com/errata/RHSA-2002:131
reference_id RHSA-2002:131
reference_type
scores
url https://access.redhat.com/errata/RHSA-2002:131
fixed_packages
0
url pkg:deb/debian/openssh@1:3.4?distro=trixie
purl pkg:deb/debian/openssh@1:3.4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-0640
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bcqb-6d9v-77ax
27
url VCID-bw72-qxxf-3qbr
vulnerability_id VCID-bw72-qxxf-3qbr
summary The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1692.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-1692
reference_id
reference_type
scores
0
value 0.05341
scoring_system epss
scoring_elements 0.90231
published_at 2026-06-04T12:55:00Z
1
value 0.0548
scoring_system epss
scoring_elements 0.90384
published_at 2026-06-06T12:55:00Z
2
value 0.0548
scoring_system epss
scoring_elements 0.90398
published_at 2026-06-09T12:55:00Z
3
value 0.0548
scoring_system epss
scoring_elements 0.90381
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-1692
2
reference_url http://openwall.com/lists/oss-security/2014/01/29/10
reference_id 10
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://openwall.com/lists/oss-security/2014/01/29/10
3
reference_url http://osvdb.org/102611
reference_id 102611
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://osvdb.org/102611
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1059052
reference_id 1059052
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1059052
5
reference_url http://openwall.com/lists/oss-security/2014/01/29/2
reference_id 2
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://openwall.com/lists/oss-security/2014/01/29/2
6
reference_url http://secunia.com/advisories/60184
reference_id 60184
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://secunia.com/advisories/60184
7
reference_url http://www.securityfocus.com/bid/65230
reference_id 65230
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://www.securityfocus.com/bid/65230
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/90819
reference_id 90819
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/90819
9
reference_url http://www-01.ibm.com/support/docview.wss?uid=isg3T1020637
reference_id docview.wss?uid=isg3T1020637
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://www-01.ibm.com/support/docview.wss?uid=isg3T1020637
10
reference_url http://marc.info/?l=bugtraq&m=141576985122836&w=2
reference_id ?l=bugtraq&m=141576985122836&w=2
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://marc.info/?l=bugtraq&m=141576985122836&w=2
11
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/Attic/schnorr.c.diff?r1=1.9%3Br2=1.10%3Bf=h
reference_id schnorr.c.diff?r1=1.9%3Br2=1.10%3Bf=h
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/Attic/schnorr.c.diff?r1=1.9%3Br2=1.10%3Bf=h
12
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c#rev1.10
reference_id schnorr.c#rev1.10
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:48:34Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c#rev1.10
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2014-1692
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bw72-qxxf-3qbr
28
url VCID-c3ck-gyga-1qg6
vulnerability_id VCID-c3ck-gyga-1qg6
summary openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61984.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61984.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-61984
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01859
published_at 2026-06-09T12:55:00Z
1
value 0.00012
scoring_system epss
scoring_elements 0.01879
published_at 2026-06-05T12:55:00Z
2
value 0.00012
scoring_system epss
scoring_elements 0.01885
published_at 2026-06-06T12:55:00Z
3
value 0.00012
scoring_system epss
scoring_elements 0.01877
published_at 2026-06-07T12:55:00Z
4
value 0.00012
scoring_system epss
scoring_elements 0.01865
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-61984
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61984
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61984
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://www.openwall.com/lists/oss-security/2025/10/06/1
reference_id 1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-08T03:55:10Z/
url https://www.openwall.com/lists/oss-security/2025/10/06/1
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117529
reference_id 1117529
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117529
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2401960
reference_id 2401960
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2401960
7
reference_url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
reference_id ?l=openssh-unix-dev&m=175974522032149&w=2
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-08T03:55:10Z/
url https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
8
reference_url https://www.openssh.com/releasenotes.html#10.1p1
reference_id releasenotes.html#10.1p1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-10-08T03:55:10Z/
url https://www.openssh.com/releasenotes.html#10.1p1
9
reference_url https://access.redhat.com/errata/RHSA-2025:23479
reference_id RHSA-2025:23479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23479
10
reference_url https://access.redhat.com/errata/RHSA-2025:23480
reference_id RHSA-2025:23480
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23480
11
reference_url https://access.redhat.com/errata/RHSA-2025:23481
reference_id RHSA-2025:23481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23481
12
reference_url https://access.redhat.com/errata/RHSA-2026:0414
reference_id RHSA-2026:0414
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0414
13
reference_url https://access.redhat.com/errata/RHSA-2026:0685
reference_id RHSA-2026:0685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0685
14
reference_url https://access.redhat.com/errata/RHSA-2026:0693
reference_id RHSA-2026:0693
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0693
15
reference_url https://access.redhat.com/errata/RHSA-2026:0976
reference_id RHSA-2026:0976
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0976
16
reference_url https://access.redhat.com/errata/RHSA-2026:1652
reference_id RHSA-2026:1652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1652
17
reference_url https://access.redhat.com/errata/RHSA-2026:1678
reference_id RHSA-2026:1678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1678
18
reference_url https://access.redhat.com/errata/RHSA-2026:1790
reference_id RHSA-2026:1790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1790
19
reference_url https://access.redhat.com/errata/RHSA-2026:1815
reference_id RHSA-2026:1815
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1815
20
reference_url https://access.redhat.com/errata/RHSA-2026:1858
reference_id RHSA-2026:1858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1858
21
reference_url https://access.redhat.com/errata/RHSA-2026:5475
reference_id RHSA-2026:5475
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5475
22
reference_url https://usn.ubuntu.com/8090-1/
reference_id USN-8090-1
reference_type
scores
url https://usn.ubuntu.com/8090-1/
23
reference_url https://usn.ubuntu.com/8090-2/
reference_id USN-8090-2
reference_type
scores
url https://usn.ubuntu.com/8090-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u7%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.1p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.1p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.1p1-1%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
8
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2025-61984
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3ck-gyga-1qg6
29
url VCID-c48g-asvh-eyfg
vulnerability_id VCID-c48g-asvh-eyfg
summary The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5000.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5000.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-5000
reference_id
reference_type
scores
0
value 0.00222
scoring_system epss
scoring_elements 0.44864
published_at 2026-06-04T12:55:00Z
1
value 0.00222
scoring_system epss
scoring_elements 0.44934
published_at 2026-06-05T12:55:00Z
2
value 0.00222
scoring_system epss
scoring_elements 0.44941
published_at 2026-06-06T12:55:00Z
3
value 0.00222
scoring_system epss
scoring_elements 0.4492
published_at 2026-06-07T12:55:00Z
4
value 0.00222
scoring_system epss
scoring_elements 0.44891
published_at 2026-06-08T12:55:00Z
5
value 0.00222
scoring_system epss
scoring_elements 0.44902
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-5000
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=809938
reference_id 809938
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=809938
4
reference_url https://security.gentoo.org/glsa/201405-06
reference_id GLSA-201405-06
reference_type
scores
url https://security.gentoo.org/glsa/201405-06
5
reference_url https://access.redhat.com/errata/RHSA-2012:0884
reference_id RHSA-2012:0884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0884
fixed_packages
0
url pkg:deb/debian/openssh@1:5.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:5.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:5.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2011-5000
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c48g-asvh-eyfg
30
url VCID-cbgc-6bc2-1qbf
vulnerability_id VCID-cbgc-6bc2-1qbf
summary Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3102.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3102.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-3102
reference_id
reference_type
scores
0
value 0.02629
scoring_system epss
scoring_elements 0.85969
published_at 2026-06-04T12:55:00Z
1
value 0.02629
scoring_system epss
scoring_elements 0.8599
published_at 2026-06-05T12:55:00Z
2
value 0.02735
scoring_system epss
scoring_elements 0.86262
published_at 2026-06-06T12:55:00Z
3
value 0.02735
scoring_system epss
scoring_elements 0.86258
published_at 2026-06-07T12:55:00Z
4
value 0.02735
scoring_system epss
scoring_elements 0.86246
published_at 2026-06-08T12:55:00Z
5
value 0.02735
scoring_system epss
scoring_elements 0.8626
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-3102
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=243204
reference_id 243204
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=243204
3
reference_url https://access.redhat.com/errata/RHSA-2007:0540
reference_id RHSA-2007:0540
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0540
4
reference_url https://access.redhat.com/errata/RHSA-2007:0555
reference_id RHSA-2007:0555
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0555
5
reference_url https://access.redhat.com/errata/RHSA-2007:0703
reference_id RHSA-2007:0703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0703
6
reference_url https://access.redhat.com/errata/RHSA-2007:0737
reference_id RHSA-2007:0737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0737
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2007-3102
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cbgc-6bc2-1qbf
31
url VCID-d3dn-hs17-fuaw
vulnerability_id VCID-d3dn-hs17-fuaw
summary OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2001-1459
reference_id
reference_type
scores
0
value 0.00396
scoring_system epss
scoring_elements 0.6074
published_at 2026-06-04T12:55:00Z
1
value 0.00396
scoring_system epss
scoring_elements 0.60788
published_at 2026-06-05T12:55:00Z
2
value 0.00396
scoring_system epss
scoring_elements 0.60795
published_at 2026-06-06T12:55:00Z
3
value 0.00396
scoring_system epss
scoring_elements 0.60784
published_at 2026-06-07T12:55:00Z
4
value 0.00396
scoring_system epss
scoring_elements 0.60767
published_at 2026-06-08T12:55:00Z
5
value 0.00396
scoring_system epss
scoring_elements 0.60782
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2001-1459
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1459
fixed_packages
0
url pkg:deb/debian/openssh@1:3.0.1p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:3.0.1p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.0.1p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2001-1459
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3dn-hs17-fuaw
32
url VCID-d4fz-q19u-wyh8
vulnerability_id VCID-d4fz-q19u-wyh8
summary OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35414.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35414.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35414
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.093
published_at 2026-06-05T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09243
published_at 2026-06-08T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09302
published_at 2026-06-07T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09318
published_at 2026-06-06T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10904
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35414
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35414
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132576
reference_id 1132576
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132576
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454490
reference_id 2454490
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454490
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:42:45Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:42:45Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T17:42:45Z/
url https://www.openssh.org/releasenotes.html#10.3p1
9
reference_url https://access.redhat.com/errata/RHSA-2026:12389
reference_id RHSA-2026:12389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12389
10
reference_url https://access.redhat.com/errata/RHSA-2026:13380
reference_id RHSA-2026:13380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13380
11
reference_url https://access.redhat.com/errata/RHSA-2026:13381
reference_id RHSA-2026:13381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13381
12
reference_url https://access.redhat.com/errata/RHSA-2026:13383
reference_id RHSA-2026:13383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13383
13
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
14
reference_url https://access.redhat.com/errata/RHSA-2026:16059
reference_id RHSA-2026:16059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16059
15
reference_url https://access.redhat.com/errata/RHSA-2026:19069
reference_id RHSA-2026:19069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19069
16
reference_url https://access.redhat.com/errata/RHSA-2026:19219
reference_id RHSA-2026:19219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19219
17
reference_url https://access.redhat.com/errata/RHSA-2026:21275
reference_id RHSA-2026:21275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21275
18
reference_url https://access.redhat.com/errata/RHSA-2026:21298
reference_id RHSA-2026:21298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21298
19
reference_url https://access.redhat.com/errata/RHSA-2026:21398
reference_id RHSA-2026:21398
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21398
20
reference_url https://access.redhat.com/errata/RHSA-2026:22329
reference_id RHSA-2026:22329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22329
21
reference_url https://access.redhat.com/errata/RHSA-2026:22564
reference_id RHSA-2026:22564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22564
22
reference_url https://access.redhat.com/errata/RHSA-2026:22648
reference_id RHSA-2026:22648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22648
23
reference_url https://usn.ubuntu.com/8222-1/
reference_id USN-8222-1
reference_type
scores
url https://usn.ubuntu.com/8222-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u7%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u3%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2026-35414
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d4fz-q19u-wyh8
33
url VCID-d8zj-qfhp-tycr
vulnerability_id VCID-d8zj-qfhp-tycr
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20685.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20685.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20685
reference_id
reference_type
scores
0
value 0.03377
scoring_system epss
scoring_elements 0.87629
published_at 2026-06-09T12:55:00Z
1
value 0.03377
scoring_system epss
scoring_elements 0.87617
published_at 2026-06-08T12:55:00Z
2
value 0.03377
scoring_system epss
scoring_elements 0.87618
published_at 2026-06-06T12:55:00Z
3
value 0.03377
scoring_system epss
scoring_elements 0.87619
published_at 2026-06-05T12:55:00Z
4
value 0.03377
scoring_system epss
scoring_elements 0.87598
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20685
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url http://www.securityfocus.com/bid/106531
reference_id 106531
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url http://www.securityfocus.com/bid/106531
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1665785
reference_id 1665785
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1665785
8
reference_url https://usn.ubuntu.com/3885-1/
reference_id 3885-1
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://usn.ubuntu.com/3885-1/
9
reference_url https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
reference_id 6010c0303a422a9c5fa8860c061bf7105eb7f8b2
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919101
reference_id 919101
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919101
11
reference_url https://security.archlinux.org/ASA-201904-11
reference_id ASA-201904-11
reference_type
scores
url https://security.archlinux.org/ASA-201904-11
12
reference_url https://security.archlinux.org/AVG-951
reference_id AVG-951
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-951
13
reference_url https://www.debian.org/security/2019/dsa-4387
reference_id dsa-4387
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://www.debian.org/security/2019/dsa-4387
14
reference_url https://security.gentoo.org/glsa/201903-16
reference_id GLSA-201903-16
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://security.gentoo.org/glsa/201903-16
15
reference_url https://security.gentoo.org/glsa/202007-53
reference_id GLSA-202007-53
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://security.gentoo.org/glsa/202007-53
16
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
17
reference_url https://security.netapp.com/advisory/ntap-20190215-0001/
reference_id ntap-20190215-0001
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://security.netapp.com/advisory/ntap-20190215-0001/
18
reference_url https://access.redhat.com/errata/RHSA-2019:3702
reference_id RHSA-2019:3702
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://access.redhat.com/errata/RHSA-2019:3702
19
reference_url https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h
reference_id scp.c.diff?r1=1.197&r2=1.198&f=h
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h
20
reference_url https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
reference_id scp-client-multiple-vulnerabilities.txt
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
21
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
fixed_packages
0
url pkg:deb/debian/openssh@1:7.9p1-5?distro=trixie
purl pkg:deb/debian/openssh@1:7.9p1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-5%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2018-20685
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d8zj-qfhp-tycr
34
url VCID-dcb1-n6mq-9khm
vulnerability_id VCID-dcb1-n6mq-9khm
summary openssh: Possible remote code execution due to a race condition in signal handling affecting Red Hat Enterprise Linux 9
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6409.json
reference_id
reference_type
scores
0
value 7.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6409.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-6409
reference_id
reference_type
scores
0
value 0.76397
scoring_system epss
scoring_elements 0.98955
published_at 2026-06-09T12:55:00Z
1
value 0.76397
scoring_system epss
scoring_elements 0.98956
published_at 2026-06-08T12:55:00Z
2
value 0.76397
scoring_system epss
scoring_elements 0.98959
published_at 2026-06-06T12:55:00Z
3
value 0.76397
scoring_system epss
scoring_elements 0.98957
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-6409
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295085
reference_id 2295085
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2295085
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
reference_id cpe:/a:redhat:openshift:4.13::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el8
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
reference_id cpe:/a:redhat:openshift:4.13::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.13::el9
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
reference_id cpe:/a:redhat:openshift:4.14::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el8
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
reference_id cpe:/a:redhat:openshift:4.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.14::el9
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
reference_id cpe:/a:redhat:openshift:4.15::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el8
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
reference_id cpe:/a:redhat:openshift:4.15::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.15::el9
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
reference_id cpe:/a:redhat:openshift:4.16::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_id cpe:/a:redhat:rhel_e4s:9.0::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_id cpe:/o:redhat:rhel_e4s:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
21
reference_url https://access.redhat.com/security/cve/CVE-2024-6409
reference_id CVE-2024-6409
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/
url https://access.redhat.com/security/cve/CVE-2024-6409
22
reference_url https://access.redhat.com/errata/RHSA-2024:4457
reference_id RHSA-2024:4457
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/
url https://access.redhat.com/errata/RHSA-2024:4457
23
reference_url https://access.redhat.com/errata/RHSA-2024:4716
reference_id RHSA-2024:4716
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/
url https://access.redhat.com/errata/RHSA-2024:4716
24
reference_url https://access.redhat.com/errata/RHSA-2024:4910
reference_id RHSA-2024:4910
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/
url https://access.redhat.com/errata/RHSA-2024:4910
25
reference_url https://access.redhat.com/errata/RHSA-2024:4955
reference_id RHSA-2024:4955
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/
url https://access.redhat.com/errata/RHSA-2024:4955
26
reference_url https://access.redhat.com/errata/RHSA-2024:5444
reference_id RHSA-2024:5444
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T18:22:05Z/
url https://access.redhat.com/errata/RHSA-2024:5444
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2024-6409
risk_score 3.1
exploitability 0.5
weighted_severity 6.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dcb1-n6mq-9khm
35
url VCID-dk46-7un2-z3bw
vulnerability_id VCID-dk46-7un2-z3bw
summary Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10009
reference_id
reference_type
scores
0
value 0.01579
scoring_system epss
scoring_elements 0.81934
published_at 2026-06-08T12:55:00Z
1
value 0.01579
scoring_system epss
scoring_elements 0.81941
published_at 2026-06-07T12:55:00Z
2
value 0.01579
scoring_system epss
scoring_elements 0.81939
published_at 2026-06-05T12:55:00Z
3
value 0.01579
scoring_system epss
scoring_elements 0.81905
published_at 2026-06-04T12:55:00Z
4
value 0.01579
scoring_system epss
scoring_elements 0.8194
published_at 2026-06-06T12:55:00Z
5
value 0.01579
scoring_system epss
scoring_elements 0.81949
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10009
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.openwall.com/lists/oss-security/2023/07/20/1
reference_id 1
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://www.openwall.com/lists/oss-security/2023/07/20/1
5
reference_url http://www.securitytracker.com/id/1037490
reference_id 1037490
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://www.securitytracker.com/id/1037490
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406269
reference_id 1406269
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406269
7
reference_url http://www.openwall.com/lists/oss-security/2016/12/19/2
reference_id 2
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://www.openwall.com/lists/oss-security/2016/12/19/2
8
reference_url http://seclists.org/fulldisclosure/2023/Jul/31
reference_id 31
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://seclists.org/fulldisclosure/2023/Jul/31
9
reference_url https://usn.ubuntu.com/3538-1/
reference_id 3538-1
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://usn.ubuntu.com/3538-1/
10
reference_url https://www.exploit-db.com/exploits/40963/
reference_id 40963
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://www.exploit-db.com/exploits/40963/
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714
reference_id 848714
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714
12
reference_url http://www.openwall.com/lists/oss-security/2023/07/19/9
reference_id 9
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://www.openwall.com/lists/oss-security/2023/07/19/9
13
reference_url https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5
reference_id 9476ce1dd37d3c3218d5640b74c34c65e5f4efe5
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5
14
reference_url http://www.securityfocus.com/bid/94968
reference_id 94968
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://www.securityfocus.com/bid/94968
15
reference_url https://security.archlinux.org/ASA-201612-20
reference_id ASA-201612-20
reference_type
scores
url https://security.archlinux.org/ASA-201612-20
16
reference_url https://security.archlinux.org/AVG-110
reference_id AVG-110
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-110
17
reference_url https://bugs.chromium.org/p/project-zero/issues/detail?id=1009
reference_id CVE-2016-10009
reference_type exploit
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://bugs.chromium.org/p/project-zero/issues/detail?id=1009
18
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt
reference_id CVE-2016-10009
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt
19
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_id display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
20
reference_url https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc
reference_id FreeBSD-SA-17:01.openssh.asc
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc
21
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
22
reference_url https://security.netapp.com/advisory/ntap-20171130-0002/
reference_id ntap-20171130-0002
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://security.netapp.com/advisory/ntap-20171130-0002/
23
reference_url http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html
reference_id OpenSSH-Arbitrary-Library-Loading.html
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html
24
reference_url http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
reference_id OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
25
reference_url https://www.openssh.com/txt/release-7.4
reference_id release-7.4
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://www.openssh.com/txt/release-7.4
26
reference_url https://access.redhat.com/errata/RHSA-2017:2029
reference_id RHSA-2017:2029
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://access.redhat.com/errata/RHSA-2017:2029
27
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
28
reference_url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_id viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/
url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
fixed_packages
0
url pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-10009
risk_score 10.0
exploitability 2.0
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dk46-7un2-z3bw
36
url VCID-dmxq-9e3x-33dm
vulnerability_id VCID-dmxq-9e3x-33dm
summary sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1562.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-1562.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-1562
reference_id
reference_type
scores
0
value 0.00802
scoring_system epss
scoring_elements 0.74441
published_at 2026-06-04T12:55:00Z
1
value 0.00802
scoring_system epss
scoring_elements 0.74473
published_at 2026-06-05T12:55:00Z
2
value 0.00802
scoring_system epss
scoring_elements 0.74479
published_at 2026-06-06T12:55:00Z
3
value 0.00802
scoring_system epss
scoring_elements 0.74467
published_at 2026-06-07T12:55:00Z
4
value 0.00802
scoring_system epss
scoring_elements 0.7445
published_at 2026-06-08T12:55:00Z
5
value 0.00802
scoring_system epss
scoring_elements 0.74476
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-1562
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1562
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1562
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=457820
reference_id 457820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=457820
fixed_packages
0
url pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4?distro=trixie
purl pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-1562
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dmxq-9e3x-33dm
37
url VCID-dpqb-xwwg-5qet
vulnerability_id VCID-dpqb-xwwg-5qet
summary A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service (connection slot exhaustion) via multiple login attempts. NOTE: this issue exists because of an incorrect fix for CVE-2006-5051.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4109.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4109.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-4109
reference_id
reference_type
scores
0
value 0.01128
scoring_system epss
scoring_elements 0.78675
published_at 2026-06-09T12:55:00Z
1
value 0.01128
scoring_system epss
scoring_elements 0.78672
published_at 2026-06-05T12:55:00Z
2
value 0.01128
scoring_system epss
scoring_elements 0.78679
published_at 2026-06-06T12:55:00Z
3
value 0.01128
scoring_system epss
scoring_elements 0.7867
published_at 2026-06-07T12:55:00Z
4
value 0.01128
scoring_system epss
scoring_elements 0.78658
published_at 2026-06-08T12:55:00Z
5
value 0.01128
scoring_system epss
scoring_elements 0.78645
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-4109
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4109
3
reference_url http://www.openwall.com/lists/oss-security/2024/07/01/3
reference_id 3
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://www.openwall.com/lists/oss-security/2024/07/01/3
4
reference_url http://secunia.com/advisories/31885
reference_id 31885
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://secunia.com/advisories/31885
5
reference_url http://secunia.com/advisories/32080
reference_id 32080
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://secunia.com/advisories/32080
6
reference_url http://secunia.com/advisories/32181
reference_id 32181
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://secunia.com/advisories/32181
7
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/45202
reference_id 45202
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/45202
8
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498678
reference_id bugreport.cgi?bug=498678
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=498678
9
reference_url http://www.debian.org/security/2008/dsa-1638
reference_id dsa-1638
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://www.debian.org/security/2008/dsa-1638
10
reference_url http://www.securitytracker.com/id?1020891
reference_id id?1020891
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://www.securitytracker.com/id?1020891
11
reference_url http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
reference_id msg00004.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00004.html
12
reference_url http://www.ubuntu.com/usn/usn-649-1
reference_id usn-649-1
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-24T17:46:27Z/
url http://www.ubuntu.com/usn/usn-649-1
13
reference_url https://usn.ubuntu.com/649-1/
reference_id USN-649-1
reference_type
scores
url https://usn.ubuntu.com/649-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2008-4109
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpqb-xwwg-5qet
38
url VCID-duf9-92fd-ckbc
vulnerability_id VCID-duf9-92fd-ckbc
summary SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2001-1585
reference_id
reference_type
scores
0
value 0.00426
scoring_system epss
scoring_elements 0.62606
published_at 2026-06-04T12:55:00Z
1
value 0.00426
scoring_system epss
scoring_elements 0.62651
published_at 2026-06-05T12:55:00Z
2
value 0.00426
scoring_system epss
scoring_elements 0.62659
published_at 2026-06-06T12:55:00Z
3
value 0.00426
scoring_system epss
scoring_elements 0.62649
published_at 2026-06-09T12:55:00Z
4
value 0.00426
scoring_system epss
scoring_elements 0.62635
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2001-1585
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2001-1585
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-duf9-92fd-ckbc
39
url VCID-e3mt-jhj9-nqd9
vulnerability_id VCID-e3mt-jhj9-nqd9
summary openssh: Denial-of-service in OpenSSH
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26466.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26466.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26466
reference_id
reference_type
scores
0
value 0.62365
scoring_system epss
scoring_elements 0.9839
published_at 2026-06-08T12:55:00Z
1
value 0.62365
scoring_system epss
scoring_elements 0.98388
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26466
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://seclists.org/oss-sec/2025/q1/144
reference_id 144
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/
url https://seclists.org/oss-sec/2025/q1/144
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2345043
reference_id 2345043
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2345043
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
reference_id cpe:/o:redhat:enterprise_linux:8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
reference_id cpe:/o:redhat:enterprise_linux:9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
11
reference_url https://access.redhat.com/security/cve/CVE-2025-26466
reference_id CVE-2025-26466
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/
url https://access.redhat.com/security/cve/CVE-2025-26466
12
reference_url https://security.gentoo.org/glsa/202502-01
reference_id GLSA-202502-01
reference_type
scores
url https://security.gentoo.org/glsa/202502-01
13
reference_url https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt
reference_id openssh-mitm-dos.txt
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-04T19:51:35Z/
url https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt
14
reference_url https://usn.ubuntu.com/7270-1/
reference_id USN-7270-1
reference_type
scores
url https://usn.ubuntu.com/7270-1/
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.9p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.9p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.9p2-1%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2025-26466
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3mt-jhj9-nqd9
40
url VCID-e4ka-u2kj-2uh1
vulnerability_id VCID-e4ka-u2kj-2uh1
summary sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4924.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4924.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4924
reference_id
reference_type
scores
0
value 0.54323
scoring_system epss
scoring_elements 0.98067
published_at 2026-06-09T12:55:00Z
1
value 0.54323
scoring_system epss
scoring_elements 0.98069
published_at 2026-06-06T12:55:00Z
2
value 0.54323
scoring_system epss
scoring_elements 0.98068
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4924
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=207957
reference_id 207957
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=207957
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389995
reference_id 389995
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=389995
5
reference_url https://security.gentoo.org/glsa/200609-17
reference_id GLSA-200609-17
reference_type
scores
url https://security.gentoo.org/glsa/200609-17
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/2444.sh
reference_id OSVDB-29152;CVE-2006-4924
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/2444.sh
7
reference_url https://access.redhat.com/errata/RHSA-2006:0697
reference_id RHSA-2006:0697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0697
8
reference_url https://access.redhat.com/errata/RHSA-2006:0698
reference_id RHSA-2006:0698
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0698
9
reference_url https://usn.ubuntu.com/355-1/
reference_id USN-355-1
reference_type
scores
url https://usn.ubuntu.com/355-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.3p2-4?distro=trixie
purl pkg:deb/debian/openssh@1:4.3p2-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.3p2-4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2006-4924
risk_score 1.0
exploitability 2.0
weighted_severity 0.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e4ka-u2kj-2uh1
41
url VCID-e7nd-88j4-5qh2
vulnerability_id VCID-e7nd-88j4-5qh2
summary Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0639.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0639.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-0639
reference_id
reference_type
scores
0
value 0.33708
scoring_system epss
scoring_elements 0.97039
published_at 2026-06-04T12:55:00Z
1
value 0.33708
scoring_system epss
scoring_elements 0.97042
published_at 2026-06-05T12:55:00Z
2
value 0.33708
scoring_system epss
scoring_elements 0.97044
published_at 2026-06-06T12:55:00Z
3
value 0.33708
scoring_system epss
scoring_elements 0.97046
published_at 2026-06-08T12:55:00Z
4
value 0.33708
scoring_system epss
scoring_elements 0.9705
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-0639
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0639
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0639
fixed_packages
0
url pkg:deb/debian/openssh@1:3.4?distro=trixie
purl pkg:deb/debian/openssh@1:3.4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-0639
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e7nd-88j4-5qh2
42
url VCID-eeca-d7xg-dqfj
vulnerability_id VCID-eeca-d7xg-dqfj
summary The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4548.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4548.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4548
reference_id
reference_type
scores
0
value 0.00305
scoring_system epss
scoring_elements 0.5407
published_at 2026-06-04T12:55:00Z
1
value 0.00305
scoring_system epss
scoring_elements 0.54126
published_at 2026-06-05T12:55:00Z
2
value 0.00305
scoring_system epss
scoring_elements 0.54134
published_at 2026-06-06T12:55:00Z
3
value 0.00305
scoring_system epss
scoring_elements 0.54124
published_at 2026-06-07T12:55:00Z
4
value 0.00305
scoring_system epss
scoring_elements 0.541
published_at 2026-06-08T12:55:00Z
5
value 0.00305
scoring_system epss
scoring_elements 0.54123
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4548
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1028418
reference_id 1028418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1028418
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729029
reference_id 729029
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729029
5
reference_url https://usn.ubuntu.com/2014-1/
reference_id USN-2014-1
reference_type
scores
url https://usn.ubuntu.com/2014-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:6.4p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:6.4p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.4p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2013-4548
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eeca-d7xg-dqfj
43
url VCID-ejdj-e43e-73de
vulnerability_id VCID-ejdj-e43e-73de
summary Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1357
reference_id
reference_type
scores
0
value 0.21352
scoring_system epss
scoring_elements 0.95797
published_at 2026-06-04T12:55:00Z
1
value 0.21352
scoring_system epss
scoring_elements 0.95802
published_at 2026-06-05T12:55:00Z
2
value 0.21352
scoring_system epss
scoring_elements 0.95805
published_at 2026-06-06T12:55:00Z
3
value 0.21352
scoring_system epss
scoring_elements 0.95807
published_at 2026-06-08T12:55:00Z
4
value 0.21352
scoring_system epss
scoring_elements 0.95811
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1357
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-1357
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejdj-e43e-73de
44
url VCID-ejg8-qdtx-13cd
vulnerability_id VCID-ejg8-qdtx-13cd
summary SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2666.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2666.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2666
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22143
published_at 2026-06-04T12:55:00Z
1
value 0.00073
scoring_system epss
scoring_elements 0.22227
published_at 2026-06-05T12:55:00Z
2
value 0.00073
scoring_system epss
scoring_elements 0.22214
published_at 2026-06-06T12:55:00Z
3
value 0.00073
scoring_system epss
scoring_elements 0.22168
published_at 2026-06-07T12:55:00Z
4
value 0.00073
scoring_system epss
scoring_elements 0.22113
published_at 2026-06-08T12:55:00Z
5
value 0.00073
scoring_system epss
scoring_elements 0.22126
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2666
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2666
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2666
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=162681
reference_id 162681
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=162681
4
reference_url https://access.redhat.com/errata/RHSA-2007:0257
reference_id RHSA-2007:0257
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0257
fixed_packages
0
url pkg:deb/debian/openssh@1:4.0p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.0p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.0p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2005-2666
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejg8-qdtx-13cd
45
url VCID-ekfc-re49-1ybq
vulnerability_id VCID-ekfc-re49-1ybq
summary sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6565.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6565.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6565
reference_id
reference_type
scores
0
value 0.00344
scoring_system epss
scoring_elements 0.57251
published_at 2026-06-04T12:55:00Z
1
value 0.00344
scoring_system epss
scoring_elements 0.57302
published_at 2026-06-09T12:55:00Z
2
value 0.00344
scoring_system epss
scoring_elements 0.5731
published_at 2026-06-06T12:55:00Z
3
value 0.00344
scoring_system epss
scoring_elements 0.57298
published_at 2026-06-07T12:55:00Z
4
value 0.00344
scoring_system epss
scoring_elements 0.57285
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6565
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1252861
reference_id 1252861
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1252861
4
reference_url http://seclists.org/oss-sec/2017/q1/203
reference_id CVE-2015-6565
reference_type exploit
scores
url http://seclists.org/oss-sec/2017/q1/203
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41173.c
reference_id CVE-2015-6565
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/41173.c
6
reference_url https://security.gentoo.org/glsa/201512-04
reference_id GLSA-201512-04
reference_type
scores
url https://security.gentoo.org/glsa/201512-04
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2015-6565
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ekfc-re49-1ybq
46
url VCID-eqkk-t4zc-3fdv
vulnerability_id VCID-eqkk-t4zc-3fdv
summary OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2797.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2797.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2797
reference_id
reference_type
scores
0
value 0.00713
scoring_system epss
scoring_elements 0.72699
published_at 2026-06-04T12:55:00Z
1
value 0.00713
scoring_system epss
scoring_elements 0.72737
published_at 2026-06-05T12:55:00Z
2
value 0.00713
scoring_system epss
scoring_elements 0.72746
published_at 2026-06-06T12:55:00Z
3
value 0.00713
scoring_system epss
scoring_elements 0.72728
published_at 2026-06-07T12:55:00Z
4
value 0.00713
scoring_system epss
scoring_elements 0.72715
published_at 2026-06-08T12:55:00Z
5
value 0.00713
scoring_system epss
scoring_elements 0.72739
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2797
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2797
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326065
reference_id 326065
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326065
fixed_packages
0
url pkg:deb/debian/openssh@1:4.2p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.2p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.2p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2005-2797
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eqkk-t4zc-3fdv
47
url VCID-f7jg-5re5-vfdh
vulnerability_id VCID-f7jg-5re5-vfdh
summary The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0786
reference_id
reference_type
scores
0
value 0.03141
scoring_system epss
scoring_elements 0.87126
published_at 2026-06-04T12:55:00Z
1
value 0.03141
scoring_system epss
scoring_elements 0.87148
published_at 2026-06-05T12:55:00Z
2
value 0.03141
scoring_system epss
scoring_elements 0.87146
published_at 2026-06-06T12:55:00Z
3
value 0.03141
scoring_system epss
scoring_elements 0.87141
published_at 2026-06-07T12:55:00Z
4
value 0.03141
scoring_system epss
scoring_elements 0.87138
published_at 2026-06-08T12:55:00Z
5
value 0.03141
scoring_system epss
scoring_elements 0.87149
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0786
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0786
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0786
fixed_packages
0
url pkg:deb/debian/openssh@1:3.7.1p2?distro=trixie
purl pkg:deb/debian/openssh@1:3.7.1p2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.7.1p2%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-0786
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f7jg-5re5-vfdh
48
url VCID-fg38-qrgb-tqgd
vulnerability_id VCID-fg38-qrgb-tqgd
summary packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4925.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4925.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-4925
reference_id
reference_type
scores
0
value 0.03372
scoring_system epss
scoring_elements 0.87587
published_at 2026-06-04T12:55:00Z
1
value 0.03372
scoring_system epss
scoring_elements 0.87609
published_at 2026-06-05T12:55:00Z
2
value 0.03372
scoring_system epss
scoring_elements 0.87607
published_at 2026-06-06T12:55:00Z
3
value 0.03372
scoring_system epss
scoring_elements 0.87606
published_at 2026-06-07T12:55:00Z
4
value 0.03372
scoring_system epss
scoring_elements 0.87605
published_at 2026-06-08T12:55:00Z
5
value 0.03372
scoring_system epss
scoring_elements 0.87617
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-4925
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4925
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4925
fixed_packages
0
url pkg:deb/debian/openssh@1:5.1p1-5?distro=trixie
purl pkg:deb/debian/openssh@1:5.1p1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:5.1p1-5%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2006-4925
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fg38-qrgb-tqgd
49
url VCID-fr4t-rqsq-pbfu
vulnerability_id VCID-fr4t-rqsq-pbfu
summary The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0777.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0777.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0777
reference_id
reference_type
scores
0
value 0.71658
scoring_system epss
scoring_elements 0.98752
published_at 2026-06-06T12:55:00Z
1
value 0.77397
scoring_system epss
scoring_elements 0.99002
published_at 2026-06-09T12:55:00Z
2
value 0.77397
scoring_system epss
scoring_elements 0.99004
published_at 2026-06-07T12:55:00Z
3
value 0.77397
scoring_system epss
scoring_elements 0.99003
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0777
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
4
reference_url http://www.securitytracker.com/id/1034671
reference_id 1034671
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.securitytracker.com/id/1034671
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1298032
reference_id 1298032
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1298032
6
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html
reference_id 175592.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html
7
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html
reference_id 175676.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html
8
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
reference_id 176349.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
9
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
reference_id 176516.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
10
reference_url http://seclists.org/fulldisclosure/2016/Jan/44
reference_id 44
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://seclists.org/fulldisclosure/2016/Jan/44
11
reference_url http://www.openwall.com/lists/oss-security/2016/01/14/7
reference_id 7
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.openwall.com/lists/oss-security/2016/01/14/7
12
reference_url http://www.securityfocus.com/bid/80695
reference_id 80695
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.securityfocus.com/bid/80695
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810984
reference_id 810984
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810984
14
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
reference_id docDisplay?docId=emr_na-c05247375
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
15
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
reference_id docDisplay?docId=emr_na-c05356388
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
16
reference_url http://www.debian.org/security/2016/dsa-3446
reference_id dsa-3446
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.debian.org/security/2016/dsa-3446
17
reference_url https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc
reference_id FreeBSD-SA-16:07.openssh.asc
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc
18
reference_url https://security.gentoo.org/glsa/201601-01
reference_id GLSA-201601-01
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://security.gentoo.org/glsa/201601-01
19
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
reference_id index?page=content&id=JSA10734
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
20
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id linuxbulletinjan2016-2867209.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
21
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
22
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
23
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
reference_id msg00008.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
24
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
reference_id msg00009.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
25
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
reference_id msg00013.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
26
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
reference_id msg00014.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
27
reference_url http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
reference_id Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
28
reference_url http://www.openssh.com/txt/release-7.1p2
reference_id release-7.1p2
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.openssh.com/txt/release-7.1p2
29
reference_url https://access.redhat.com/errata/RHSA-2016:0043
reference_id RHSA-2016:0043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0043
30
reference_url https://bto.bluecoat.com/security-advisory/sa109
reference_id sa109
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://bto.bluecoat.com/security-advisory/sa109
31
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
32
reference_url http://www.securityfocus.com/archive/1/537295/100/0/threaded
reference_id threaded
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.securityfocus.com/archive/1/537295/100/0/threaded
33
reference_url https://usn.ubuntu.com/2869-1/
reference_id USN-2869-1
reference_type
scores
url https://usn.ubuntu.com/2869-1/
34
reference_url http://www.ubuntu.com/usn/USN-2869-1
reference_id USN-2869-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url http://www.ubuntu.com/usn/USN-2869-1
35
reference_url https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
reference_id utm-up2date-9-319-released
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
36
reference_url https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
reference_id utm-up2date-9-354-released
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:29:54Z/
url https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.1p2-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-0777
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fr4t-rqsq-pbfu
50
url VCID-fy7d-81ah-fug2
vulnerability_id VCID-fy7d-81ah-fug2
summary OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1483.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1483.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1483
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42164
published_at 2026-06-06T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.42109
published_at 2026-06-09T12:55:00Z
2
value 0.00201
scoring_system epss
scoring_elements 0.42153
published_at 2026-06-05T12:55:00Z
3
value 0.00201
scoring_system epss
scoring_elements 0.42079
published_at 2026-06-04T12:55:00Z
4
value 0.00201
scoring_system epss
scoring_elements 0.42136
published_at 2026-06-07T12:55:00Z
5
value 0.00201
scoring_system epss
scoring_elements 0.421
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1483
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=439079
reference_id 439079
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=439079
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011
reference_id 463011
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011
6
reference_url https://security.gentoo.org/glsa/200804-03
reference_id GLSA-200804-03
reference_type
scores
url https://security.gentoo.org/glsa/200804-03
7
reference_url https://access.redhat.com/errata/RHSA-2005:527
reference_id RHSA-2005:527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:527
8
reference_url https://usn.ubuntu.com/597-1/
reference_id USN-597-1
reference_type
scores
url https://usn.ubuntu.com/597-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.7p1-5?distro=trixie
purl pkg:deb/debian/openssh@1:4.7p1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.7p1-5%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2008-1483
risk_score 2.0
exploitability 0.5
weighted_severity 4.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fy7d-81ah-fug2
51
url VCID-fyug-5932-57az
vulnerability_id VCID-fyug-5932-57az
summary sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10708.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10708
reference_id
reference_type
scores
0
value 0.0312
scoring_system epss
scoring_elements 0.87094
published_at 2026-06-08T12:55:00Z
1
value 0.0312
scoring_system epss
scoring_elements 0.87084
published_at 2026-06-04T12:55:00Z
2
value 0.0312
scoring_system epss
scoring_elements 0.87106
published_at 2026-06-09T12:55:00Z
3
value 0.0312
scoring_system epss
scoring_elements 0.87104
published_at 2026-06-06T12:55:00Z
4
value 0.0312
scoring_system epss
scoring_elements 0.87098
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10708
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10708
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securityfocus.com/bid/102780
reference_id 102780
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url http://www.securityfocus.com/bid/102780
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1537929
reference_id 1537929
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1537929
6
reference_url https://usn.ubuntu.com/3809-1/
reference_id 3809-1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://usn.ubuntu.com/3809-1/
7
reference_url http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html
reference_id fuzzing-tcp-servers.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html
8
reference_url https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737
reference_id ?id=28652bca29046f62c7045e933e6b931de1d16737
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737
9
reference_url https://support.f5.com/csp/article/K32485746?utm_source=f5support&amp%3Butm_medium=RSS
reference_id K32485746?utm_source=f5support&amp%3Butm_medium=RSS
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://support.f5.com/csp/article/K32485746?utm_source=f5support&amp%3Butm_medium=RSS
10
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
11
reference_url https://lists.debian.org/debian-lts-announce/2018/01/msg00031.html
reference_id msg00031.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://lists.debian.org/debian-lts-announce/2018/01/msg00031.html
12
reference_url https://security.netapp.com/advisory/ntap-20180423-0003/
reference_id ntap-20180423-0003
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://security.netapp.com/advisory/ntap-20180423-0003/
13
reference_url https://www.openssh.com/releasenotes.html
reference_id releasenotes.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://www.openssh.com/releasenotes.html
14
reference_url https://access.redhat.com/errata/RHSA-2017:2029
reference_id RHSA-2017:2029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2029
15
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf
reference_id ssa-676336.pdf
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf
fixed_packages
0
url pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-10708
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fyug-5932-57az
52
url VCID-g8re-9v42-j7c1
vulnerability_id VCID-g8re-9v42-j7c1
summary ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28531.json
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28531.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-28531
reference_id
reference_type
scores
0
value 0.00158
scoring_system epss
scoring_elements 0.36405
published_at 2026-06-05T12:55:00Z
1
value 0.00158
scoring_system epss
scoring_elements 0.36376
published_at 2026-06-07T12:55:00Z
2
value 0.00158
scoring_system epss
scoring_elements 0.36414
published_at 2026-06-06T12:55:00Z
3
value 0.00171
scoring_system epss
scoring_elements 0.38168
published_at 2026-06-09T12:55:00Z
4
value 0.00171
scoring_system epss
scoring_elements 0.38157
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-28531
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033166
reference_id 1033166
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033166
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2179334
reference_id 2179334
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2179334
4
reference_url https://www.openwall.com/lists/oss-security/2023/03/15/8
reference_id 8
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T20:20:13Z/
url https://www.openwall.com/lists/oss-security/2023/03/15/8
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT/
reference_id AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T20:20:13Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT/
6
reference_url https://security.gentoo.org/glsa/202307-01
reference_id GLSA-202307-01
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T20:20:13Z/
url https://security.gentoo.org/glsa/202307-01
7
reference_url https://security.netapp.com/advisory/ntap-20230413-0008/
reference_id ntap-20230413-0008
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-11T20:20:13Z/
url https://security.netapp.com/advisory/ntap-20230413-0008/
8
reference_url https://usn.ubuntu.com/6560-1/
reference_id USN-6560-1
reference_type
scores
url https://usn.ubuntu.com/6560-1/
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:9.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.3p1-1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2023-28531
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g8re-9v42-j7c1
53
url VCID-gp9q-a913-gyhq
vulnerability_id VCID-gp9q-a913-gyhq
summary The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0539.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0539.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0539
reference_id
reference_type
scores
0
value 0.02075
scoring_system epss
scoring_elements 0.84292
published_at 2026-06-09T12:55:00Z
1
value 0.02075
scoring_system epss
scoring_elements 0.84294
published_at 2026-06-05T12:55:00Z
2
value 0.02075
scoring_system epss
scoring_elements 0.84297
published_at 2026-06-06T12:55:00Z
3
value 0.02075
scoring_system epss
scoring_elements 0.84291
published_at 2026-06-07T12:55:00Z
4
value 0.02075
scoring_system epss
scoring_elements 0.84279
published_at 2026-06-08T12:55:00Z
5
value 0.02075
scoring_system epss
scoring_elements 0.84271
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0539
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539
3
reference_url http://www.vupen.com/english/advisories/2011/0284
reference_id 0284
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://www.vupen.com/english/advisories/2011/0284
4
reference_url http://www.openwall.com/lists/oss-security/2011/02/04/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://www.openwall.com/lists/oss-security/2011/02/04/2
5
reference_url http://secunia.com/advisories/43181
reference_id 43181
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://secunia.com/advisories/43181
6
reference_url http://secunia.com/advisories/44269
reference_id 44269
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://secunia.com/advisories/44269
7
reference_url http://www.securityfocus.com/bid/46155
reference_id 46155
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://www.securityfocus.com/bid/46155
8
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/65163
reference_id 65163
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/65163
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=675254
reference_id 675254
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=675254
10
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
reference_id Document.jsp?objectID=c02794777
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
11
reference_url http://www.securitytracker.com/id?1025028
reference_id id?1025028
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://www.securitytracker.com/id?1025028
12
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
reference_id index?page=content&id=JSA10673
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
13
reference_url http://www.openssh.com/txt/legacy-cert.adv
reference_id legacy-cert.adv
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:34:38Z/
url http://www.openssh.com/txt/legacy-cert.adv
fixed_packages
0
url pkg:deb/debian/openssh@1:5.8p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:5.8p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:5.8p1-2%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2011-0539
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gp9q-a913-gyhq
54
url VCID-gpxr-fhh7-ubcm
vulnerability_id VCID-gpxr-fhh7-ubcm
summary sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10010.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10010.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10010
reference_id
reference_type
scores
0
value 0.00087
scoring_system epss
scoring_elements 0.24871
published_at 2026-06-09T12:55:00Z
1
value 0.00087
scoring_system epss
scoring_elements 0.24893
published_at 2026-06-04T12:55:00Z
2
value 0.00087
scoring_system epss
scoring_elements 0.24988
published_at 2026-06-05T12:55:00Z
3
value 0.00087
scoring_system epss
scoring_elements 0.24976
published_at 2026-06-06T12:55:00Z
4
value 0.00087
scoring_system epss
scoring_elements 0.24921
published_at 2026-06-07T12:55:00Z
5
value 0.00087
scoring_system epss
scoring_elements 0.24862
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10010
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:C/I:C/A:C
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1037490
reference_id 1037490
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url http://www.securitytracker.com/id/1037490
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406278
reference_id 1406278
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406278
6
reference_url http://www.openwall.com/lists/oss-security/2016/12/19/2
reference_id 2
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url http://www.openwall.com/lists/oss-security/2016/12/19/2
7
reference_url https://www.exploit-db.com/exploits/40962/
reference_id 40962
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://www.exploit-db.com/exploits/40962/
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848715
reference_id 848715
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848715
9
reference_url http://www.securityfocus.com/bid/94972
reference_id 94972
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url http://www.securityfocus.com/bid/94972
10
reference_url https://security.archlinux.org/ASA-201612-20
reference_id ASA-201612-20
reference_type
scores
url https://security.archlinux.org/ASA-201612-20
11
reference_url https://security.archlinux.org/AVG-110
reference_id AVG-110
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-110
12
reference_url https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce
reference_id c76fac666ea038753294f2ac94d310f8adece9ce
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce
13
reference_url https://bugs.chromium.org/p/project-zero/issues/detail?id=1010
reference_id CVE-2016-10010
reference_type exploit
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://bugs.chromium.org/p/project-zero/issues/detail?id=1010
14
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt
reference_id CVE-2016-10010
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt
15
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_id display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
16
reference_url https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc
reference_id FreeBSD-SA-17:01.openssh.asc
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc
17
reference_url https://security.netapp.com/advisory/ntap-20171130-0002/
reference_id ntap-20171130-0002
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://security.netapp.com/advisory/ntap-20171130-0002/
18
reference_url http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html
reference_id OpenSSH-Local-Privilege-Escalation.html
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html
19
reference_url https://www.openssh.com/txt/release-7.4
reference_id release-7.4
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://www.openssh.com/txt/release-7.4
20
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
21
reference_url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_id viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_type
scores
0
value 7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/
url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
fixed_packages
0
url pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-10010
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gpxr-fhh7-ubcm
55
url VCID-gxp5-chcg-jqaa
vulnerability_id VCID-gxp5-chcg-jqaa
summary openssh: OpenSSH pre-authentication async signal safety issue
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7589.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7589.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-7589
reference_id
reference_type
scores
0
value 0.17408
scoring_system epss
scoring_elements 0.95203
published_at 2026-06-09T12:55:00Z
1
value 0.17408
scoring_system epss
scoring_elements 0.95198
published_at 2026-06-05T12:55:00Z
2
value 0.17408
scoring_system epss
scoring_elements 0.95199
published_at 2026-06-08T12:55:00Z
3
value 0.17408
scoring_system epss
scoring_elements 0.952
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-7589
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2304416
reference_id 2304416
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2304416
4
reference_url https://www.cve.org/CVERecord?id=CVE-2006-5051
reference_id CVERecord?id=CVE-2006-5051
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/
url https://www.cve.org/CVERecord?id=CVE-2006-5051
5
reference_url https://www.cve.org/CVERecord?id=CVE-2024-6387
reference_id CVERecord?id=CVE-2024-6387
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/
url https://www.cve.org/CVERecord?id=CVE-2024-6387
6
reference_url https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc
reference_id FreeBSD-SA-24:08.openssh.asc
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-12T13:50:54Z/
url https://security.freebsd.org/advisories/FreeBSD-SA-24:08.openssh.asc
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2024-7589
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gxp5-chcg-jqaa
56
url VCID-h3vd-8n4n-zub3
vulnerability_id VCID-h3vd-8n4n-zub3
summary The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would force a local login.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9278.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9278.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9278
reference_id
reference_type
scores
0
value 0.00351
scoring_system epss
scoring_elements 0.57798
published_at 2026-06-04T12:55:00Z
1
value 0.00351
scoring_system epss
scoring_elements 0.5785
published_at 2026-06-09T12:55:00Z
2
value 0.00351
scoring_system epss
scoring_elements 0.57859
published_at 2026-06-06T12:55:00Z
3
value 0.00351
scoring_system epss
scoring_elements 0.57847
published_at 2026-06-07T12:55:00Z
4
value 0.00351
scoring_system epss
scoring_elements 0.57833
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9278
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1169843
reference_id 1169843
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1169843
3
reference_url https://access.redhat.com/errata/RHSA-2015:0425
reference_id RHSA-2015:0425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0425
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2014-9278
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h3vd-8n4n-zub3
57
url VCID-h4q6-qj3x-p3cw
vulnerability_id VCID-h4q6-qj3x-p3cw
summary ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4752.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4752.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2007-4752
reference_id
reference_type
scores
0
value 0.01693
scoring_system epss
scoring_elements 0.82613
published_at 2026-06-08T12:55:00Z
1
value 0.01693
scoring_system epss
scoring_elements 0.82626
published_at 2026-06-09T12:55:00Z
2
value 0.02269
scoring_system epss
scoring_elements 0.84943
published_at 2026-06-04T12:55:00Z
3
value 0.02269
scoring_system epss
scoring_elements 0.84967
published_at 2026-06-05T12:55:00Z
4
value 0.02269
scoring_system epss
scoring_elements 0.84972
published_at 2026-06-06T12:55:00Z
5
value 0.02269
scoring_system epss
scoring_elements 0.84965
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2007-4752
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4752
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=280361
reference_id 280361
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=280361
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444738
reference_id 444738
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444738
5
reference_url https://security.gentoo.org/glsa/200711-02
reference_id GLSA-200711-02
reference_type
scores
url https://security.gentoo.org/glsa/200711-02
6
reference_url https://access.redhat.com/errata/RHSA-2008:0855
reference_id RHSA-2008:0855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2008:0855
7
reference_url https://usn.ubuntu.com/566-1/
reference_id USN-566-1
reference_type
scores
url https://usn.ubuntu.com/566-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.7p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.7p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.7p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2007-4752
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h4q6-qj3x-p3cw
58
url VCID-hgmj-kfsa-5yeu
vulnerability_id VCID-hgmj-kfsa-5yeu
summary The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6515.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6515.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6515
reference_id
reference_type
scores
0
value 0.77091
scoring_system epss
scoring_elements 0.98986
published_at 2026-06-09T12:55:00Z
1
value 0.77091
scoring_system epss
scoring_elements 0.98987
published_at 2026-06-08T12:55:00Z
2
value 0.77091
scoring_system epss
scoring_elements 0.9899
published_at 2026-06-06T12:55:00Z
3
value 0.77091
scoring_system epss
scoring_elements 0.98988
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6515
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1364935
reference_id 1364935
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1364935
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833823
reference_id 833823
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833823
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40888.py
reference_id CVE-2016-6515
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40888.py
7
reference_url https://access.redhat.com/errata/RHSA-2017:2029
reference_id RHSA-2017:2029
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2029
8
reference_url https://usn.ubuntu.com/3061-1/
reference_id USN-3061-1
reference_type
scores
url https://usn.ubuntu.com/3061-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.3p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-6515
risk_score 9.6
exploitability 2.0
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgmj-kfsa-5yeu
59
url VCID-j51p-deyw-wke5
vulnerability_id VCID-j51p-deyw-wke5
summary The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15906.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15906.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15906
reference_id
reference_type
scores
0
value 0.02659
scoring_system epss
scoring_elements 0.86085
published_at 2026-06-09T12:55:00Z
1
value 0.02659
scoring_system epss
scoring_elements 0.86063
published_at 2026-06-04T12:55:00Z
2
value 0.02659
scoring_system epss
scoring_elements 0.86084
published_at 2026-06-05T12:55:00Z
3
value 0.02659
scoring_system epss
scoring_elements 0.86088
published_at 2026-06-06T12:55:00Z
4
value 0.02659
scoring_system epss
scoring_elements 0.86083
published_at 2026-06-07T12:55:00Z
5
value 0.02659
scoring_system epss
scoring_elements 0.86072
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15906
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15906
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15906
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:P/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securityfocus.com/bid/101552
reference_id 101552
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url http://www.securityfocus.com/bid/101552
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1506630
reference_id 1506630
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1506630
6
reference_url https://github.com/openbsd/src/commit/a6981567e8e215acc1ef690c8dbb30f2d9b00a19
reference_id a6981567e8e215acc1ef690c8dbb30f2d9b00a19
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url https://github.com/openbsd/src/commit/a6981567e8e215acc1ef690c8dbb30f2d9b00a19
7
reference_url https://security.gentoo.org/glsa/201801-05
reference_id GLSA-201801-05
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url https://security.gentoo.org/glsa/201801-05
8
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
9
reference_url https://security.netapp.com/advisory/ntap-20180423-0004/
reference_id ntap-20180423-0004
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url https://security.netapp.com/advisory/ntap-20180423-0004/
10
reference_url https://www.openssh.com/txt/release-7.6
reference_id release-7.6
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url https://www.openssh.com/txt/release-7.6
11
reference_url https://access.redhat.com/errata/RHSA-2018:0980
reference_id RHSA-2018:0980
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url https://access.redhat.com/errata/RHSA-2018:0980
12
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:55:30Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
fixed_packages
0
url pkg:deb/debian/openssh@1:7.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2017-15906
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j51p-deyw-wke5
60
url VCID-j5e6-fj44-jyab
vulnerability_id VCID-j5e6-fj44-jyab
summary OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0386.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0386.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0386
reference_id
reference_type
scores
0
value 0.09637
scoring_system epss
scoring_elements 0.9304
published_at 2026-06-04T12:55:00Z
1
value 0.09637
scoring_system epss
scoring_elements 0.93051
published_at 2026-06-09T12:55:00Z
2
value 0.09637
scoring_system epss
scoring_elements 0.93049
published_at 2026-06-06T12:55:00Z
3
value 0.09637
scoring_system epss
scoring_elements 0.93045
published_at 2026-06-07T12:55:00Z
4
value 0.09637
scoring_system epss
scoring_elements 0.93042
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0386
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0386
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617024
reference_id 1617024
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617024
4
reference_url https://access.redhat.com/errata/RHSA-2006:0298
reference_id RHSA-2006:0298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0298
5
reference_url https://access.redhat.com/errata/RHSA-2006:0698
reference_id RHSA-2006:0698
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0698
fixed_packages
0
url pkg:deb/debian/openssh@1:3.8p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:3.8p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.8p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-0386
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j5e6-fj44-jyab
61
url VCID-j6sg-4k7a-5yf1
vulnerability_id VCID-j6sg-4k7a-5yf1
summary sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. NOTE: it could be argued that in most environments, this does not cross privilege boundaries without requiring leverage of a separate vulnerability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2760.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2760.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-2760
reference_id
reference_type
scores
0
value 0.00303
scoring_system epss
scoring_elements 0.53864
published_at 2026-06-04T12:55:00Z
1
value 0.00303
scoring_system epss
scoring_elements 0.53922
published_at 2026-06-05T12:55:00Z
2
value 0.00303
scoring_system epss
scoring_elements 0.53929
published_at 2026-06-06T12:55:00Z
3
value 0.00303
scoring_system epss
scoring_elements 0.53917
published_at 2026-06-09T12:55:00Z
4
value 0.00303
scoring_system epss
scoring_elements 0.53894
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-2760
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2760
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2760
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=457832
reference_id 457832
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=457832
fixed_packages
0
url pkg:deb/debian/openssh@1:3.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:3.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2004-2760
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j6sg-4k7a-5yf1
62
url VCID-jfe9-9b2f-q7g6
vulnerability_id VCID-jfe9-9b2f-q7g6
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6111
reference_id
reference_type
scores
0
value 0.53643
scoring_system epss
scoring_elements 0.9804
published_at 2026-06-09T12:55:00Z
1
value 0.54213
scoring_system epss
scoring_elements 0.98064
published_at 2026-06-07T12:55:00Z
2
value 0.54213
scoring_system epss
scoring_elements 0.98065
published_at 2026-06-06T12:55:00Z
3
value 0.54213
scoring_system epss
scoring_elements 0.98063
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6111
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url http://www.openwall.com/lists/oss-security/2019/04/18/1
reference_id 1
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://www.openwall.com/lists/oss-security/2019/04/18/1
7
reference_url http://www.openwall.com/lists/oss-security/2022/08/02/1
reference_id 1
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://www.openwall.com/lists/oss-security/2022/08/02/1
8
reference_url http://www.securityfocus.com/bid/106741
reference_id 106741
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://www.securityfocus.com/bid/106741
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1666127
reference_id 1666127
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1666127
10
reference_url https://usn.ubuntu.com/3885-1/
reference_id 3885-1
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://usn.ubuntu.com/3885-1/
11
reference_url https://usn.ubuntu.com/3885-2/
reference_id 3885-2
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://usn.ubuntu.com/3885-2/
12
reference_url https://www.exploit-db.com/exploits/46193/
reference_id 46193
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://www.exploit-db.com/exploits/46193/
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486
reference_id 923486
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486
14
reference_url https://security.archlinux.org/ASA-201904-11
reference_id ASA-201904-11
reference_type
scores
url https://security.archlinux.org/ASA-201904-11
15
reference_url https://security.archlinux.org/AVG-951
reference_id AVG-951
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-951
16
reference_url https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E
reference_id c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E
reference_id c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E
reference_id d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E
19
reference_url https://www.debian.org/security/2019/dsa-4387
reference_id dsa-4387
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://www.debian.org/security/2019/dsa-4387
20
reference_url https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E
reference_id e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E
21
reference_url https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc
reference_id FreeBSD-EN-19:10.scp.asc
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc
22
reference_url https://security.gentoo.org/glsa/201903-16
reference_id GLSA-201903-16
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://security.gentoo.org/glsa/201903-16
23
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
24
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html
reference_id msg00058.html
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html
25
reference_url https://security.netapp.com/advisory/ntap-20190213-0001/
reference_id ntap-20190213-0001
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://security.netapp.com/advisory/ntap-20190213-0001/
26
reference_url https://access.redhat.com/errata/RHSA-2019:3702
reference_id RHSA-2019:3702
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://access.redhat.com/errata/RHSA-2019:3702
27
reference_url https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
reference_id scp.c
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
28
reference_url https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
reference_id scp-client-multiple-vulnerabilities.txt
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
29
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1677794
reference_id show_bug.cgi?id=1677794
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1677794
30
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/
reference_id W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.9p1-9?distro=trixie
purl pkg:deb/debian/openssh@1:7.9p1-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-9%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2019-6111
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfe9-9b2f-q7g6
63
url VCID-jpff-x78s-nkhw
vulnerability_id VCID-jpff-x78s-nkhw
summary authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json
reference_id
reference_type
scores
0
value 2.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10011
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03033
published_at 2026-06-04T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.0316
published_at 2026-06-09T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.03186
published_at 2026-06-08T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03205
published_at 2026-06-07T12:55:00Z
4
value 0.00015
scoring_system epss
scoring_elements 0.03052
published_at 2026-06-06T12:55:00Z
5
value 0.00015
scoring_system epss
scoring_elements 0.03044
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10011
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1
scoring_system cvssv2
scoring_elements AV:L/AC:H/Au:S/C:P/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1037490
reference_id 1037490
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url http://www.securitytracker.com/id/1037490
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406286
reference_id 1406286
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406286
6
reference_url http://www.openwall.com/lists/oss-security/2016/12/19/2
reference_id 2
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url http://www.openwall.com/lists/oss-security/2016/12/19/2
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716
reference_id 848716
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716
8
reference_url http://www.securityfocus.com/bid/94977
reference_id 94977
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url http://www.securityfocus.com/bid/94977
9
reference_url https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9
reference_id ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9
10
reference_url https://security.archlinux.org/ASA-201612-20
reference_id ASA-201612-20
reference_type
scores
url https://security.archlinux.org/ASA-201612-20
11
reference_url https://security.archlinux.org/AVG-110
reference_id AVG-110
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-110
12
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_id display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
13
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
14
reference_url https://security.netapp.com/advisory/ntap-20171130-0002/
reference_id ntap-20171130-0002
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://security.netapp.com/advisory/ntap-20171130-0002/
15
reference_url https://www.openssh.com/txt/release-7.4
reference_id release-7.4
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://www.openssh.com/txt/release-7.4
16
reference_url https://access.redhat.com/errata/RHSA-2017:2029
reference_id RHSA-2017:2029
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://access.redhat.com/errata/RHSA-2017:2029
17
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
18
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf
reference_id ssa-676336.pdf
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf
19
reference_url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_id viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/
url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
fixed_packages
0
url pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-10011
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jpff-x78s-nkhw
64
url VCID-k1dj-8c33-c7a9
vulnerability_id VCID-k1dj-8c33-c7a9
summary openssh: Logic error in ObscureKeystrokeTiming
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39894.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39894.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-39894
reference_id
reference_type
scores
0
value 0.02949
scoring_system epss
scoring_elements 0.86736
published_at 2026-06-09T12:55:00Z
1
value 0.02949
scoring_system epss
scoring_elements 0.86739
published_at 2026-06-05T12:55:00Z
2
value 0.02949
scoring_system epss
scoring_elements 0.86738
published_at 2026-06-06T12:55:00Z
3
value 0.02949
scoring_system epss
scoring_elements 0.86734
published_at 2026-06-07T12:55:00Z
4
value 0.02949
scoring_system epss
scoring_elements 0.86724
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-39894
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html
reference_id 000158.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html
4
reference_url https://www.openwall.com/lists/oss-security/2024/07/02/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url https://www.openwall.com/lists/oss-security/2024/07/02/1
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076764
reference_id 1076764
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1076764
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2295273
reference_id 2295273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2295273
7
reference_url http://www.openwall.com/lists/oss-security/2024/07/28/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url http://www.openwall.com/lists/oss-security/2024/07/28/3
8
reference_url http://www.openwall.com/lists/oss-security/2024/07/23/4
reference_id 4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url http://www.openwall.com/lists/oss-security/2024/07/23/4
9
reference_url http://www.openwall.com/lists/oss-security/2024/07/03/6
reference_id 6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url http://www.openwall.com/lists/oss-security/2024/07/03/6
10
reference_url http://www.openwall.com/lists/oss-security/2024/07/23/6
reference_id 6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url http://www.openwall.com/lists/oss-security/2024/07/23/6
11
reference_url https://news.ycombinator.com/item?id=41508530
reference_id item?id=41508530
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url https://news.ycombinator.com/item?id=41508530
12
reference_url https://security.netapp.com/advisory/ntap-20240712-0004/
reference_id ntap-20240712-0004
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url https://security.netapp.com/advisory/ntap-20240712-0004/
13
reference_url https://www.openssh.com/txt/release-9.8
reference_id release-9.8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url https://www.openssh.com/txt/release-9.8
14
reference_url https://crzphil.github.io/posts/ssh-obfuscation-bypass/
reference_id ssh-obfuscation-bypass
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-03T13:15:38Z/
url https://crzphil.github.io/posts/ssh-obfuscation-bypass/
15
reference_url https://usn.ubuntu.com/6887-1/
reference_id USN-6887-1
reference_type
scores
url https://usn.ubuntu.com/6887-1/
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.8p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.8p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.8p1-1%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2024-39894
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k1dj-8c33-c7a9
65
url VCID-kdeq-2yyr-hkg9
vulnerability_id VCID-kdeq-2yyr-hkg9
summary The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0814.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0814.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0814
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.51228
published_at 2026-06-09T12:55:00Z
1
value 0.00275
scoring_system epss
scoring_elements 0.51252
published_at 2026-06-05T12:55:00Z
2
value 0.00275
scoring_system epss
scoring_elements 0.51258
published_at 2026-06-06T12:55:00Z
3
value 0.00275
scoring_system epss
scoring_elements 0.51237
published_at 2026-06-07T12:55:00Z
4
value 0.00275
scoring_system epss
scoring_elements 0.51207
published_at 2026-06-08T12:55:00Z
5
value 0.00275
scoring_system epss
scoring_elements 0.5119
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0814
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814
3
reference_url http://openwall.com/lists/oss-security/2012/01/27/1
reference_id 1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://openwall.com/lists/oss-security/2012/01/27/1
4
reference_url http://openwall.com/lists/oss-security/2012/01/26/15
reference_id 15
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://openwall.com/lists/oss-security/2012/01/26/15
5
reference_url http://openwall.com/lists/oss-security/2012/01/26/16
reference_id 16
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://openwall.com/lists/oss-security/2012/01/26/16
6
reference_url http://openwall.com/lists/oss-security/2012/01/27/4
reference_id 4
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://openwall.com/lists/oss-security/2012/01/27/4
7
reference_url http://www.securityfocus.com/bid/51702
reference_id 51702
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://www.securityfocus.com/bid/51702
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445
reference_id 657445
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/72756
reference_id 72756
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/72756
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=785292
reference_id 785292
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=785292
11
reference_url http://osvdb.org/78706
reference_id 78706
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://osvdb.org/78706
12
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c
reference_id auth-options.c
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c
13
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c.diff?r1=1.53%3Br2=1.54
reference_id auth-options.c.diff?r1=1.53%3Br2=1.54
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c.diff?r1=1.53%3Br2=1.54
14
reference_url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445
reference_id bugreport.cgi?bug=657445
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445
15
reference_url https://security.gentoo.org/glsa/201405-06
reference_id GLSA-201405-06
reference_type
scores
url https://security.gentoo.org/glsa/201405-06
16
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
reference_id index?page=content&id=JSA10673
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
fixed_packages
0
url pkg:deb/debian/openssh@1:5.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:5.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:5.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2012-0814
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdeq-2yyr-hkg9
66
url VCID-ku5v-32rk-5qbv
vulnerability_id VCID-ku5v-32rk-5qbv
summary An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None authentication option, then the user cannot determine whether FIDO authentication is going to confirm that the user wishes to connect to that server, or that the user wishes to allow that server to connect to a different server on the user's behalf. NOTE: the vendor's position is "this is not an authentication bypass, since nothing is being bypassed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36368.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-36368.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-36368
reference_id
reference_type
scores
0
value 0.00432
scoring_system epss
scoring_elements 0.63023
published_at 2026-06-04T12:55:00Z
1
value 0.00432
scoring_system epss
scoring_elements 0.63067
published_at 2026-06-05T12:55:00Z
2
value 0.00432
scoring_system epss
scoring_elements 0.63075
published_at 2026-06-06T12:55:00Z
3
value 0.00432
scoring_system epss
scoring_elements 0.63065
published_at 2026-06-07T12:55:00Z
4
value 0.00432
scoring_system epss
scoring_elements 0.63052
published_at 2026-06-08T12:55:00Z
5
value 0.00432
scoring_system epss
scoring_elements 0.63069
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-36368
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36368
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36368
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2086690
reference_id 2086690
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2086690
5
reference_url https://github.com/openssh/openssh-portable/pull/258
reference_id 258
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:46:16Z/
url https://github.com/openssh/openssh-portable/pull/258
6
reference_url https://security-tracker.debian.org/tracker/CVE-2021-36368
reference_id CVE-2021-36368
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:46:16Z/
url https://security-tracker.debian.org/tracker/CVE-2021-36368
7
reference_url https://www.openssh.com/security.html
reference_id security.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:46:16Z/
url https://www.openssh.com/security.html
8
reference_url https://bugzilla.mindrot.org/show_bug.cgi?id=3316
reference_id show_bug.cgi?id=3316
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:46:16Z/
url https://bugzilla.mindrot.org/show_bug.cgi?id=3316
9
reference_url https://docs.ssh-mitm.at/trivialauth.html
reference_id trivialauth.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:46:16Z/
url https://docs.ssh-mitm.at/trivialauth.html
fixed_packages
0
url pkg:deb/debian/openssh@1:8.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:8.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2021-36368
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ku5v-32rk-5qbv
67
url VCID-m67r-g1xt-d3e4
vulnerability_id VCID-m67r-g1xt-d3e4
summary Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5051.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5051.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5051
reference_id
reference_type
scores
0
value 0.02554
scoring_system epss
scoring_elements 0.858
published_at 2026-06-06T12:55:00Z
1
value 0.02554
scoring_system epss
scoring_elements 0.85795
published_at 2026-06-09T12:55:00Z
2
value 0.02554
scoring_system epss
scoring_elements 0.85798
published_at 2026-06-05T12:55:00Z
3
value 0.02554
scoring_system epss
scoring_elements 0.85775
published_at 2026-06-04T12:55:00Z
4
value 0.02554
scoring_system epss
scoring_elements 0.85796
published_at 2026-06-07T12:55:00Z
5
value 0.02554
scoring_system epss
scoring_elements 0.85781
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5051
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=208347
reference_id 208347
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=208347
5
reference_url https://security.gentoo.org/glsa/200611-06
reference_id GLSA-200611-06
reference_type
scores
url https://security.gentoo.org/glsa/200611-06
6
reference_url https://access.redhat.com/errata/RHSA-2006:0697
reference_id RHSA-2006:0697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0697
7
reference_url https://access.redhat.com/errata/RHSA-2006:0698
reference_id RHSA-2006:0698
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0698
8
reference_url https://usn.ubuntu.com/355-1/
reference_id USN-355-1
reference_type
scores
url https://usn.ubuntu.com/355-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2006-5051
risk_score 2.0
exploitability 0.5
weighted_severity 4.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m67r-g1xt-d3e4
68
url VCID-mwrp-bru4-fbb7
vulnerability_id VCID-mwrp-bru4-fbb7
summary The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5352.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5352.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5352
reference_id
reference_type
scores
0
value 0.0539
scoring_system epss
scoring_elements 0.90284
published_at 2026-06-04T12:55:00Z
1
value 0.0539
scoring_system epss
scoring_elements 0.90299
published_at 2026-06-06T12:55:00Z
2
value 0.0539
scoring_system epss
scoring_elements 0.90297
published_at 2026-06-07T12:55:00Z
3
value 0.0539
scoring_system epss
scoring_elements 0.90296
published_at 2026-06-08T12:55:00Z
4
value 0.0539
scoring_system epss
scoring_elements 0.90312
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5352
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1238231
reference_id 1238231
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1238231
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790798
reference_id 790798
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790798
5
reference_url https://security.gentoo.org/glsa/201512-04
reference_id GLSA-201512-04
reference_type
scores
url https://security.gentoo.org/glsa/201512-04
6
reference_url https://access.redhat.com/errata/RHSA-2016:0741
reference_id RHSA-2016:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0741
7
reference_url https://usn.ubuntu.com/2710-1/
reference_id USN-2710-1
reference_type
scores
url https://usn.ubuntu.com/2710-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2015-5352
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mwrp-bru4-fbb7
69
url VCID-npz7-jwtf-qfhu
vulnerability_id VCID-npz7-jwtf-qfhu
summary Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2000-0992
reference_id
reference_type
scores
0
value 0.0285
scoring_system epss
scoring_elements 0.86497
published_at 2026-06-04T12:55:00Z
1
value 0.0285
scoring_system epss
scoring_elements 0.8652
published_at 2026-06-06T12:55:00Z
2
value 0.0285
scoring_system epss
scoring_elements 0.86516
published_at 2026-06-07T12:55:00Z
3
value 0.0285
scoring_system epss
scoring_elements 0.86504
published_at 2026-06-08T12:55:00Z
4
value 0.0285
scoring_system epss
scoring_elements 0.86517
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2000-0992
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0992
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0992
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=270770
reference_id 270770
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=270770
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20253.sh
reference_id CVE-2000-0992;OSVDB-1586
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20253.sh
4
reference_url https://www.securityfocus.com/bid/1742/info
reference_id CVE-2000-0992;OSVDB-1586
reference_type exploit
scores
url https://www.securityfocus.com/bid/1742/info
fixed_packages
0
url pkg:deb/debian/openssh@1:3.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:3.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2000-0992
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-npz7-jwtf-qfhu
70
url VCID-ntmv-cqw4-y7d4
vulnerability_id VCID-ntmv-cqw4-y7d4
summary Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5052.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5052
reference_id
reference_type
scores
0
value 0.14969
scoring_system epss
scoring_elements 0.94686
published_at 2026-06-04T12:55:00Z
1
value 0.14969
scoring_system epss
scoring_elements 0.94694
published_at 2026-06-05T12:55:00Z
2
value 0.14969
scoring_system epss
scoring_elements 0.94695
published_at 2026-06-06T12:55:00Z
3
value 0.14969
scoring_system epss
scoring_elements 0.94696
published_at 2026-06-08T12:55:00Z
4
value 0.14969
scoring_system epss
scoring_elements 0.94701
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5052
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=234643
reference_id 234643
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=234643
4
reference_url https://security.gentoo.org/glsa/200611-06
reference_id GLSA-200611-06
reference_type
scores
url https://security.gentoo.org/glsa/200611-06
5
reference_url https://access.redhat.com/errata/RHSA-2007:0540
reference_id RHSA-2007:0540
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0540
6
reference_url https://access.redhat.com/errata/RHSA-2007:0703
reference_id RHSA-2007:0703
reference_type
scores
url https://access.redhat.com/errata/RHSA-2007:0703
fixed_packages
0
url pkg:deb/debian/openssh@1:4.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2006-5052
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntmv-cqw4-y7d4
71
url VCID-p6kp-cqcx-e3bt
vulnerability_id VCID-p6kp-cqcx-e3bt
summary OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1657.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1657.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-1657
reference_id
reference_type
scores
0
value 0.00458
scoring_system epss
scoring_elements 0.64311
published_at 2026-06-04T12:55:00Z
1
value 0.00458
scoring_system epss
scoring_elements 0.64355
published_at 2026-06-05T12:55:00Z
2
value 0.00458
scoring_system epss
scoring_elements 0.64364
published_at 2026-06-06T12:55:00Z
3
value 0.00458
scoring_system epss
scoring_elements 0.64353
published_at 2026-06-07T12:55:00Z
4
value 0.00458
scoring_system epss
scoring_elements 0.64342
published_at 2026-06-08T12:55:00Z
5
value 0.00458
scoring_system epss
scoring_elements 0.64362
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-1657
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1657
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1657
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=440268
reference_id 440268
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=440268
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475156
reference_id 475156
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475156
5
reference_url https://security.gentoo.org/glsa/200804-03
reference_id GLSA-200804-03
reference_type
scores
url https://security.gentoo.org/glsa/200804-03
6
reference_url https://usn.ubuntu.com/649-1/
reference_id USN-649-1
reference_type
scores
url https://usn.ubuntu.com/649-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.7p1-8?distro=trixie
purl pkg:deb/debian/openssh@1:4.7p1-8?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.7p1-8%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2008-1657
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p6kp-cqcx-e3bt
72
url VCID-p7ve-dq9s-h7b6
vulnerability_id VCID-p7ve-dq9s-h7b6
summary ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-28041
reference_id
reference_type
scores
0
value 0.00256
scoring_system epss
scoring_elements 0.49165
published_at 2026-06-04T12:55:00Z
1
value 0.00256
scoring_system epss
scoring_elements 0.49202
published_at 2026-06-09T12:55:00Z
2
value 0.00256
scoring_system epss
scoring_elements 0.49219
published_at 2026-06-07T12:55:00Z
3
value 0.00256
scoring_system epss
scoring_elements 0.49189
published_at 2026-06-08T12:55:00Z
4
value 0.00256
scoring_system epss
scoring_elements 0.49226
published_at 2026-06-05T12:55:00Z
5
value 0.00256
scoring_system epss
scoring_elements 0.49237
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-28041
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1935055
reference_id 1935055
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1935055
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940
reference_id 984940
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940
6
reference_url https://security.archlinux.org/ASA-202103-6
reference_id ASA-202103-6
reference_type
scores
url https://security.archlinux.org/ASA-202103-6
7
reference_url https://security.archlinux.org/AVG-1657
reference_id AVG-1657
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1657
8
reference_url https://security.gentoo.org/glsa/202105-35
reference_id GLSA-202105-35
reference_type
scores
url https://security.gentoo.org/glsa/202105-35
9
reference_url https://usn.ubuntu.com/4762-1/
reference_id USN-4762-1
reference_type
scores
url https://usn.ubuntu.com/4762-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2021-28041
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7ve-dq9s-h7b6
73
url VCID-phen-cm7y-rqau
vulnerability_id VCID-phen-cm7y-rqau
summary A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2904.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2904.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-2904
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.12146
published_at 2026-06-04T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.12228
published_at 2026-06-05T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.12226
published_at 2026-06-06T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.12191
published_at 2026-06-07T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.12115
published_at 2026-06-08T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.12128
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-2904
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=522141
reference_id 522141
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=522141
3
reference_url https://access.redhat.com/errata/RHSA-2009:1470
reference_id RHSA-2009:1470
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1470
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2009-2904
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-phen-cm7y-rqau
74
url VCID-pzgw-b5hx-jufb
vulnerability_id VCID-pzgw-b5hx-jufb
summary The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2653.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2653.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2653
reference_id
reference_type
scores
0
value 0.02148
scoring_system epss
scoring_elements 0.84575
published_at 2026-06-09T12:55:00Z
1
value 0.02148
scoring_system epss
scoring_elements 0.84574
published_at 2026-06-07T12:55:00Z
2
value 0.02148
scoring_system epss
scoring_elements 0.84578
published_at 2026-06-06T12:55:00Z
3
value 0.02148
scoring_system epss
scoring_elements 0.84562
published_at 2026-06-08T12:55:00Z
4
value 0.02148
scoring_system epss
scoring_elements 0.84549
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2653
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1081338
reference_id 1081338
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1081338
5
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html
reference_id 133537.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html
6
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html
reference_id 134026.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html
7
reference_url http://secunia.com/advisories/59855
reference_id 59855
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://secunia.com/advisories/59855
8
reference_url http://www.securityfocus.com/bid/66459
reference_id 66459
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://www.securityfocus.com/bid/66459
9
reference_url http://openwall.com/lists/oss-security/2014/03/26/7
reference_id 7
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://openwall.com/lists/oss-security/2014/03/26/7
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513
reference_id 742513
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513
11
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:068
reference_id advisories?name=MDVSA-2014:068
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:068
12
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:095
reference_id advisories?name=MDVSA-2015:095
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:095
13
reference_url http://www.debian.org/security/2014/dsa-2894
reference_id dsa-2894
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://www.debian.org/security/2014/dsa-2894
14
reference_url http://marc.info/?l=bugtraq&m=141576985122836&w=2
reference_id ?l=bugtraq&m=141576985122836&w=2
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://marc.info/?l=bugtraq&m=141576985122836&w=2
15
reference_url http://advisories.mageia.org/MGASA-2014-0166.html
reference_id MGASA-2014-0166.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://advisories.mageia.org/MGASA-2014-0166.html
16
reference_url http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc
reference_id openssh_advisory4.asc
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc
17
reference_url https://access.redhat.com/errata/RHSA-2014:1552
reference_id RHSA-2014:1552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1552
18
reference_url http://rhn.redhat.com/errata/RHSA-2014-1552.html
reference_id RHSA-2014-1552.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://rhn.redhat.com/errata/RHSA-2014-1552.html
19
reference_url https://access.redhat.com/errata/RHSA-2015:0425
reference_id RHSA-2015:0425
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0425
20
reference_url http://rhn.redhat.com/errata/RHSA-2015-0425.html
reference_id RHSA-2015-0425.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://rhn.redhat.com/errata/RHSA-2015-0425.html
21
reference_url https://usn.ubuntu.com/2164-1/
reference_id USN-2164-1
reference_type
scores
url https://usn.ubuntu.com/2164-1/
22
reference_url http://www.ubuntu.com/usn/USN-2164-1
reference_id USN-2164-1
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:42:46Z/
url http://www.ubuntu.com/usn/USN-2164-1
fixed_packages
0
url pkg:deb/debian/openssh@1:6.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:6.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2014-2653
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pzgw-b5hx-jufb
75
url VCID-qdj6-v2mm-u3hv
vulnerability_id VCID-qdj6-v2mm-u3hv
summary The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the remote server. The victim must use the command scp -rp to download a file hierarchy containing, anywhere inside, this crafted subdirectory. NOTE: the vendor points out that "this attack can achieve no more than a hostile peer is already able to achieve within the scp protocol" and "utimes does not fail under normal circumstances.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12062
reference_id
reference_type
scores
0
value 0.0096
scoring_system epss
scoring_elements 0.76824
published_at 2026-06-04T12:55:00Z
1
value 0.0096
scoring_system epss
scoring_elements 0.76857
published_at 2026-06-05T12:55:00Z
2
value 0.0096
scoring_system epss
scoring_elements 0.76864
published_at 2026-06-06T12:55:00Z
3
value 0.0096
scoring_system epss
scoring_elements 0.76854
published_at 2026-06-07T12:55:00Z
4
value 0.0096
scoring_system epss
scoring_elements 0.76843
published_at 2026-06-08T12:55:00Z
5
value 0.0096
scoring_system epss
scoring_elements 0.76865
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12062
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1854145
reference_id 1854145
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1854145
fixed_packages
0
url pkg:deb/debian/openssh@1:8.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:8.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.3p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2020-12062
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdj6-v2mm-u3hv
76
url VCID-qjt3-quex-2kc8
vulnerability_id VCID-qjt3-quex-2kc8
summary scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0225.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-0225
reference_id
reference_type
scores
0
value 0.00093
scoring_system epss
scoring_elements 0.25963
published_at 2026-06-09T12:55:00Z
1
value 0.00093
scoring_system epss
scoring_elements 0.26065
published_at 2026-06-05T12:55:00Z
2
value 0.00093
scoring_system epss
scoring_elements 0.2606
published_at 2026-06-06T12:55:00Z
3
value 0.00093
scoring_system epss
scoring_elements 0.26014
published_at 2026-06-07T12:55:00Z
4
value 0.00093
scoring_system epss
scoring_elements 0.25957
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-0225
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=168167
reference_id 168167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=168167
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349645
reference_id 349645
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349645
5
reference_url https://security.gentoo.org/glsa/200602-11
reference_id GLSA-200602-11
reference_type
scores
url https://security.gentoo.org/glsa/200602-11
6
reference_url https://access.redhat.com/errata/RHSA-2006:0044
reference_id RHSA-2006:0044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0044
7
reference_url https://access.redhat.com/errata/RHSA-2006:0298
reference_id RHSA-2006:0298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0298
8
reference_url https://access.redhat.com/errata/RHSA-2006:0698
reference_id RHSA-2006:0698
reference_type
scores
url https://access.redhat.com/errata/RHSA-2006:0698
9
reference_url https://usn.ubuntu.com/255-1/
reference_id USN-255-1
reference_type
scores
url https://usn.ubuntu.com/255-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.3p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.3p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.3p2-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2006-0225
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qjt3-quex-2kc8
77
url VCID-qney-8hf3-g3by
vulnerability_id VCID-qney-8hf3-g3by
summary OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-4478
reference_id
reference_type
scores
0
value 0.00383
scoring_system epss
scoring_elements 0.59914
published_at 2026-06-04T12:55:00Z
1
value 0.00383
scoring_system epss
scoring_elements 0.59961
published_at 2026-06-05T12:55:00Z
2
value 0.00383
scoring_system epss
scoring_elements 0.59964
published_at 2026-06-06T12:55:00Z
3
value 0.00383
scoring_system epss
scoring_elements 0.59955
published_at 2026-06-09T12:55:00Z
4
value 0.00383
scoring_system epss
scoring_elements 0.59937
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-4478
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=660642
reference_id 660642
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=660642
3
reference_url https://security.gentoo.org/glsa/201405-06
reference_id GLSA-201405-06
reference_type
scores
url https://security.gentoo.org/glsa/201405-06
4
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
reference_id index?page=content&id=JSA10673
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
5
reference_url https://github.com/seb-m/jpake
reference_id jpake
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/
url https://github.com/seb-m/jpake
6
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h
reference_id jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h
7
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5
reference_id jpake.c#rev1.5
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5
8
reference_url http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf
reference_id jpake-session-key-retrieval.pdf
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/
url http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf
9
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338
reference_id oval%3Aorg.mitre.oval%3Adef%3A12338
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2010-4478
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qney-8hf3-g3by
78
url VCID-r7sd-ev6v-jfcf
vulnerability_id VCID-r7sd-ev6v-jfcf
summary A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0693.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0693
reference_id
reference_type
scores
0
value 0.26823
scoring_system epss
scoring_elements 0.96454
published_at 2026-06-04T12:55:00Z
1
value 0.26823
scoring_system epss
scoring_elements 0.96458
published_at 2026-06-05T12:55:00Z
2
value 0.26823
scoring_system epss
scoring_elements 0.96461
published_at 2026-06-06T12:55:00Z
3
value 0.26823
scoring_system epss
scoring_elements 0.96463
published_at 2026-06-08T12:55:00Z
4
value 0.26823
scoring_system epss
scoring_elements 0.96468
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0693
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617069
reference_id 1617069
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617069
4
reference_url https://access.redhat.com/errata/RHSA-2003:279
reference_id RHSA-2003:279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:279
5
reference_url https://access.redhat.com/errata/RHSA-2003:280
reference_id RHSA-2003:280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:280
fixed_packages
0
url pkg:deb/debian/openssh@1:3.6.1p2-6.0?distro=trixie
purl pkg:deb/debian/openssh@1:3.6.1p2-6.0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.6.1p2-6.0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-0693
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r7sd-ev6v-jfcf
79
url VCID-rjhz-8hbr-zkd7
vulnerability_id VCID-rjhz-8hbr-zkd7
summary SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-1119
reference_id
reference_type
scores
0
value 0.00704
scoring_system epss
scoring_elements 0.72471
published_at 2026-06-04T12:55:00Z
1
value 0.00704
scoring_system epss
scoring_elements 0.72513
published_at 2026-06-05T12:55:00Z
2
value 0.00704
scoring_system epss
scoring_elements 0.7252
published_at 2026-06-06T12:55:00Z
3
value 0.00704
scoring_system epss
scoring_elements 0.725
published_at 2026-06-07T12:55:00Z
4
value 0.00704
scoring_system epss
scoring_elements 0.72487
published_at 2026-06-08T12:55:00Z
5
value 0.00704
scoring_system epss
scoring_elements 0.72511
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-1119
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-1119
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjhz-8hbr-zkd7
80
url VCID-rp6w-z4mn-33d4
vulnerability_id VCID-rp6w-z4mn-33d4
summary sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6210.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6210.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6210
reference_id
reference_type
scores
0
value 0.90046
scoring_system epss
scoring_elements 0.996
published_at 2026-06-07T12:55:00Z
1
value 0.90046
scoring_system epss
scoring_elements 0.99601
published_at 2026-06-09T12:55:00Z
2
value 0.90046
scoring_system epss
scoring_elements 0.99602
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6210
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6210
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6210
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1036319
reference_id 1036319
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url http://www.securitytracker.com/id/1036319
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1357442
reference_id 1357442
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1357442
6
reference_url https://www.exploit-db.com/exploits/40113/
reference_id 40113
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://www.exploit-db.com/exploits/40113/
7
reference_url https://www.exploit-db.com/exploits/40136/
reference_id 40136
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://www.exploit-db.com/exploits/40136/
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831902
reference_id 831902
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831902
9
reference_url http://www.securityfocus.com/bid/91812
reference_id 91812
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url http://www.securityfocus.com/bid/91812
10
reference_url http://seclists.org/fulldisclosure/2016/Jul/51
reference_id CVE-2016-6210
reference_type exploit
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url http://seclists.org/fulldisclosure/2016/Jul/51
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40113.txt
reference_id CVE-2016-6210
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40113.txt
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40136.py
reference_id CVE-2016-6210
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40136.py
13
reference_url http://www.debian.org/security/2016/dsa-3626
reference_id dsa-3626
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url http://www.debian.org/security/2016/dsa-3626
14
reference_url https://security.gentoo.org/glsa/201612-18
reference_id GLSA-201612-18
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://security.gentoo.org/glsa/201612-18
15
reference_url https://security.netapp.com/advisory/ntap-20190206-0001/
reference_id ntap-20190206-0001
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://security.netapp.com/advisory/ntap-20190206-0001/
16
reference_url https://www.openssh.com/txt/release-7.3
reference_id release-7.3
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://www.openssh.com/txt/release-7.3
17
reference_url https://access.redhat.com/errata/RHSA-2017:2029
reference_id RHSA-2017:2029
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://access.redhat.com/errata/RHSA-2017:2029
18
reference_url https://access.redhat.com/errata/RHSA-2017:2563
reference_id RHSA-2017:2563
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://access.redhat.com/errata/RHSA-2017:2563
19
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:17:34Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
20
reference_url https://usn.ubuntu.com/3061-1/
reference_id USN-3061-1
reference_type
scores
url https://usn.ubuntu.com/3061-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.2p2-6?distro=trixie
purl pkg:deb/debian/openssh@1:7.2p2-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.2p2-6%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-6210
risk_score 10.0
exploitability 2.0
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rp6w-z4mn-33d4
81
url VCID-sd3m-8n5d-sbew
vulnerability_id VCID-sd3m-8n5d-sbew
summary OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0166.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0166.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-0166
reference_id
reference_type
scores
0
value 0.04353
scoring_system epss
scoring_elements 0.89126
published_at 2026-06-04T12:55:00Z
1
value 0.04353
scoring_system epss
scoring_elements 0.89142
published_at 2026-06-07T12:55:00Z
2
value 0.04353
scoring_system epss
scoring_elements 0.89143
published_at 2026-06-06T12:55:00Z
3
value 0.04768
scoring_system epss
scoring_elements 0.89657
published_at 2026-06-08T12:55:00Z
4
value 0.04768
scoring_system epss
scoring_elements 0.89672
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-0166
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0166
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0166
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5622.txt
reference_id CVE-2008-0166
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5622.txt
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5632.rb
reference_id CVE-2008-0166
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5632.rb
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5720.py
reference_id OSVDB-45029;CVE-2008-3280;CVE-2008-0166
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/5720.py
6
reference_url https://usn.ubuntu.com/612-1/
reference_id USN-612-1
reference_type
scores
url https://usn.ubuntu.com/612-1/
7
reference_url https://usn.ubuntu.com/612-2/
reference_id USN-612-2
reference_type
scores
url https://usn.ubuntu.com/612-2/
8
reference_url https://usn.ubuntu.com/612-3/
reference_id USN-612-3
reference_type
scores
url https://usn.ubuntu.com/612-3/
9
reference_url https://usn.ubuntu.com/612-4/
reference_id USN-612-4
reference_type
scores
url https://usn.ubuntu.com/612-4/
10
reference_url https://usn.ubuntu.com/612-7/
reference_id USN-612-7
reference_type
scores
url https://usn.ubuntu.com/612-7/
fixed_packages
0
url pkg:deb/debian/openssh@4.7p1-9?distro=trixie
purl pkg:deb/debian/openssh@4.7p1-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@4.7p1-9%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2008-0166
risk_score null
exploitability 2.0
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sd3m-8n5d-sbew
82
url VCID-sy27-quy6-fkgj
vulnerability_id VCID-sy27-quy6-fkgj
summary sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2532.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2532.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2532
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.27983
published_at 2026-06-04T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.28053
published_at 2026-06-05T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.28003
published_at 2026-06-06T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.27966
published_at 2026-06-07T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.27922
published_at 2026-06-08T12:55:00Z
5
value 0.00104
scoring_system epss
scoring_elements 0.27929
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2532
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url http://www.securitytracker.com/id/1029925
reference_id 1029925
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://www.securitytracker.com/id/1029925
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1077843
reference_id 1077843
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1077843
7
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html
reference_id 133537.html
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html
8
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html
reference_id 134026.html
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html
9
reference_url http://secunia.com/advisories/57488
reference_id 57488
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://secunia.com/advisories/57488
10
reference_url http://secunia.com/advisories/57574
reference_id 57574
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://secunia.com/advisories/57574
11
reference_url http://secunia.com/advisories/59313
reference_id 59313
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://secunia.com/advisories/59313
12
reference_url http://secunia.com/advisories/59855
reference_id 59855
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://secunia.com/advisories/59855
13
reference_url http://www.securityfocus.com/bid/66355
reference_id 66355
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://www.securityfocus.com/bid/66355
14
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/91986
reference_id 91986
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/91986
15
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2014:068
reference_id advisories?name=MDVSA-2014:068
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2014:068
16
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2015:095
reference_id advisories?name=MDVSA-2015:095
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2015:095
17
reference_url http://www.debian.org/security/2014/dsa-2894
reference_id dsa-2894
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://www.debian.org/security/2014/dsa-2894
18
reference_url https://security.gentoo.org/glsa/201405-06
reference_id GLSA-201405-06
reference_type
scores
url https://security.gentoo.org/glsa/201405-06
19
reference_url https://support.apple.com/HT205267
reference_id HT205267
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url https://support.apple.com/HT205267
20
reference_url http://marc.info/?l=bugtraq&m=141576985122836&w=2
reference_id ?l=bugtraq&m=141576985122836&w=2
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://marc.info/?l=bugtraq&m=141576985122836&w=2
21
reference_url http://marc.info/?l=openbsd-security-announce&m=139492048027313&w=2
reference_id ?l=openbsd-security-announce&m=139492048027313&w=2
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://marc.info/?l=openbsd-security-announce&m=139492048027313&w=2
22
reference_url http://advisories.mageia.org/MGASA-2014-0143.html
reference_id MGASA-2014-0143.html
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://advisories.mageia.org/MGASA-2014-0143.html
23
reference_url http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
reference_id msg00008.html
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html
24
reference_url http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc
reference_id openssh_advisory4.asc
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc
25
reference_url https://access.redhat.com/errata/RHSA-2014:1552
reference_id RHSA-2014:1552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1552
26
reference_url http://rhn.redhat.com/errata/RHSA-2014-1552.html
reference_id RHSA-2014-1552.html
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://rhn.redhat.com/errata/RHSA-2014-1552.html
27
reference_url https://usn.ubuntu.com/2155-1/
reference_id USN-2155-1
reference_type
scores
url https://usn.ubuntu.com/2155-1/
28
reference_url http://www.ubuntu.com/usn/USN-2155-1
reference_id USN-2155-1
reference_type
scores
0
value 4.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/
url http://www.ubuntu.com/usn/USN-2155-1
fixed_packages
0
url pkg:deb/debian/openssh@1:6.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:6.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.6p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2014-2532
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sy27-quy6-fkgj
83
url VCID-t4xk-zzys-jqa1
vulnerability_id VCID-t4xk-zzys-jqa1
summary The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0778
reference_id
reference_type
scores
0
value 0.00787
scoring_system epss
scoring_elements 0.74228
published_at 2026-06-05T12:55:00Z
1
value 0.00787
scoring_system epss
scoring_elements 0.74232
published_at 2026-06-06T12:55:00Z
2
value 0.00787
scoring_system epss
scoring_elements 0.74195
published_at 2026-06-04T12:55:00Z
3
value 0.00829
scoring_system epss
scoring_elements 0.74925
published_at 2026-06-09T12:55:00Z
4
value 0.00829
scoring_system epss
scoring_elements 0.74914
published_at 2026-06-07T12:55:00Z
5
value 0.00829
scoring_system epss
scoring_elements 0.74899
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0778
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
4
reference_url http://www.securitytracker.com/id/1034671
reference_id 1034671
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.securitytracker.com/id/1034671
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1298033
reference_id 1298033
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1298033
6
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
reference_id 176349.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
7
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
reference_id 176516.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
8
reference_url http://seclists.org/fulldisclosure/2016/Jan/44
reference_id 44
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://seclists.org/fulldisclosure/2016/Jan/44
9
reference_url http://www.openwall.com/lists/oss-security/2016/01/14/7
reference_id 7
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.openwall.com/lists/oss-security/2016/01/14/7
10
reference_url http://www.securityfocus.com/bid/80698
reference_id 80698
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.securityfocus.com/bid/80698
11
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
reference_id docDisplay?docId=emr_na-c05247375
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
12
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
reference_id docDisplay?docId=emr_na-c05356388
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
13
reference_url http://www.debian.org/security/2016/dsa-3446
reference_id dsa-3446
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.debian.org/security/2016/dsa-3446
14
reference_url https://security.gentoo.org/glsa/201601-01
reference_id GLSA-201601-01
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url https://security.gentoo.org/glsa/201601-01
15
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
reference_id index?page=content&id=JSA10734
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
16
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id linuxbulletinjan2016-2867209.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
17
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
reference_id msg00006.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
18
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
19
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
reference_id msg00008.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
20
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
reference_id msg00009.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
21
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
reference_id msg00013.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
22
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
reference_id msg00014.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
23
reference_url http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
reference_id Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
24
reference_url http://www.openssh.com/txt/release-7.1p2
reference_id release-7.1p2
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.openssh.com/txt/release-7.1p2
25
reference_url https://access.redhat.com/errata/RHSA-2016:0043
reference_id RHSA-2016:0043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0043
26
reference_url https://bto.bluecoat.com/security-advisory/sa109
reference_id sa109
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url https://bto.bluecoat.com/security-advisory/sa109
27
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
28
reference_url http://www.securityfocus.com/archive/1/537295/100/0/threaded
reference_id threaded
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.securityfocus.com/archive/1/537295/100/0/threaded
29
reference_url https://usn.ubuntu.com/2869-1/
reference_id USN-2869-1
reference_type
scores
url https://usn.ubuntu.com/2869-1/
30
reference_url http://www.ubuntu.com/usn/USN-2869-1
reference_id USN-2869-1
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url http://www.ubuntu.com/usn/USN-2869-1
31
reference_url https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
reference_id utm-up2date-9-319-released
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
32
reference_url https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
reference_id utm-up2date-9-354-released
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:28:06Z/
url https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.1p2-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-0778
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4xk-zzys-jqa1
84
url VCID-t5f1-51tu-8yfp
vulnerability_id VCID-t5f1-51tu-8yfp
summary sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2798.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2798.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2798
reference_id
reference_type
scores
0
value 0.03023
scoring_system epss
scoring_elements 0.86874
published_at 2026-06-04T12:55:00Z
1
value 0.03023
scoring_system epss
scoring_elements 0.86897
published_at 2026-06-05T12:55:00Z
2
value 0.03023
scoring_system epss
scoring_elements 0.86894
published_at 2026-06-06T12:55:00Z
3
value 0.03023
scoring_system epss
scoring_elements 0.8689
published_at 2026-06-07T12:55:00Z
4
value 0.03023
scoring_system epss
scoring_elements 0.8688
published_at 2026-06-08T12:55:00Z
5
value 0.03023
scoring_system epss
scoring_elements 0.86892
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2798
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2798
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2798
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617757
reference_id 1617757
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617757
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326065
reference_id 326065
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=326065
5
reference_url https://access.redhat.com/errata/RHSA-2005:527
reference_id RHSA-2005:527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:527
6
reference_url https://usn.ubuntu.com/209-1/
reference_id USN-209-1
reference_type
scores
url https://usn.ubuntu.com/209-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.2p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:4.2p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.2p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2005-2798
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t5f1-51tu-8yfp
85
url VCID-t9g4-188x-ekbc
vulnerability_id VCID-t9g4-188x-ekbc
summary The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6563.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6563.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-6563
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.2758
published_at 2026-06-09T12:55:00Z
1
value 0.00102
scoring_system epss
scoring_elements 0.2771
published_at 2026-06-05T12:55:00Z
2
value 0.00102
scoring_system epss
scoring_elements 0.27644
published_at 2026-06-04T12:55:00Z
3
value 0.00102
scoring_system epss
scoring_elements 0.27659
published_at 2026-06-06T12:55:00Z
4
value 0.00102
scoring_system epss
scoring_elements 0.27621
published_at 2026-06-07T12:55:00Z
5
value 0.00102
scoring_system epss
scoring_elements 0.27573
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-6563
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563
3
reference_url http://www.openwall.com/lists/oss-security/2015/08/22/1
reference_id 1
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://www.openwall.com/lists/oss-security/2015/08/22/1
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1252844
reference_id 1252844
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1252844
5
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
reference_id 165170.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165170.html
6
reference_url http://seclists.org/fulldisclosure/2015/Aug/54
reference_id 54
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://seclists.org/fulldisclosure/2015/Aug/54
7
reference_url http://www.securityfocus.com/bid/76317
reference_id 76317
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://www.securityfocus.com/bid/76317
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711
reference_id 795711
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711
9
reference_url https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-766
reference_id brocade-security-advisory-2019-766
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-766
10
reference_url https://github.com/openssh/openssh-portable/commit/d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
reference_id d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url https://github.com/openssh/openssh-portable/commit/d4697fe9a28dab7255c60433e4dd23cf7fce8a8b
11
reference_url https://security.gentoo.org/glsa/201512-04
reference_id GLSA-201512-04
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url https://security.gentoo.org/glsa/201512-04
12
reference_url https://support.apple.com/HT205375
reference_id HT205375
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url https://support.apple.com/HT205375
13
reference_url http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
reference_id msg00005.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://lists.apple.com/archives/security-announce/2015/Oct/msg00005.html
14
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
15
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00017.html
16
reference_url https://security.netapp.com/advisory/ntap-20180201-0002/
reference_id ntap-20180201-0002
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url https://security.netapp.com/advisory/ntap-20180201-0002/
17
reference_url http://www.openssh.com/txt/release-7.0
reference_id release-7.0
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://www.openssh.com/txt/release-7.0
18
reference_url https://access.redhat.com/errata/RHSA-2015:2088
reference_id RHSA-2015:2088
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2088
19
reference_url https://access.redhat.com/errata/RHSA-2016:0741
reference_id RHSA-2016:0741
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0741
20
reference_url http://rhn.redhat.com/errata/RHSA-2016-0741.html
reference_id RHSA-2016-0741.html
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url http://rhn.redhat.com/errata/RHSA-2016-0741.html
21
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-27T16:11:48Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
fixed_packages
0
url pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:6.9p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.9p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2015-6563
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9g4-188x-ekbc
86
url VCID-th24-j98g-9ufy
vulnerability_id VCID-th24-j98g-9ufy
summary openssh: Machine-in-the-middle attack if VerifyHostKeyDNS is enabled
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-26465
reference_id
reference_type
scores
0
value 0.61222
scoring_system epss
scoring_elements 0.98342
published_at 2026-06-09T12:55:00Z
1
value 0.61739
scoring_system epss
scoring_elements 0.98362
published_at 2026-06-08T12:55:00Z
2
value 0.64523
scoring_system epss
scoring_elements 0.98473
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-26465
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://seclists.org/oss-sec/2025/q1/144
reference_id 144
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://seclists.org/oss-sec/2025/q1/144
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2344780
reference_id 2344780
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2344780
6
reference_url https://access.redhat.com/solutions/7109879
reference_id 7109879
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/solutions/7109879
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
reference_id cpe:/a:redhat:discovery:1.14::el9
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
reference_id cpe:/a:redhat:openshift:4
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
reference_id cpe:/a:redhat:rhel_eus:9.4::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
reference_id cpe:/o:redhat:enterprise_linux:10
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
reference_id cpe:/o:redhat:rhel_eus:9.4::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos
18
reference_url https://access.redhat.com/security/cve/CVE-2025-26465
reference_id CVE-2025-26465
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/security/cve/CVE-2025-26465
19
reference_url https://security.gentoo.org/glsa/202502-01
reference_id GLSA-202502-01
reference_type
scores
url https://security.gentoo.org/glsa/202502-01
20
reference_url https://access.redhat.com/errata/RHSA-2025:16823
reference_id RHSA-2025:16823
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:16823
21
reference_url https://access.redhat.com/errata/RHSA-2025:3837
reference_id RHSA-2025:3837
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:3837
22
reference_url https://access.redhat.com/errata/RHSA-2025:6993
reference_id RHSA-2025:6993
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:6993
23
reference_url https://access.redhat.com/errata/RHSA-2025:8385
reference_id RHSA-2025:8385
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/
url https://access.redhat.com/errata/RHSA-2025:8385
24
reference_url https://usn.ubuntu.com/7270-1/
reference_id USN-7270-1
reference_type
scores
url https://usn.ubuntu.com/7270-1/
25
reference_url https://usn.ubuntu.com/7270-2/
reference_id USN-7270-2
reference_type
scores
url https://usn.ubuntu.com/7270-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u5?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u5%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:9.9p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.9p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.9p2-1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2025-26465
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-th24-j98g-9ufy
87
url VCID-ugpp-5sa1-x7hq
vulnerability_id VCID-ugpp-5sa1-x7hq
summary openssh: potential command injection via shell metacharacters
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-51385
reference_id
reference_type
scores
0
value 0.17234
scoring_system epss
scoring_elements 0.95164
published_at 2026-06-09T12:55:00Z
1
value 0.17234
scoring_system epss
scoring_elements 0.95159
published_at 2026-06-06T12:55:00Z
2
value 0.17234
scoring_system epss
scoring_elements 0.95161
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-51385
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2255271
reference_id 2255271
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2255271
6
reference_url http://www.openwall.com/lists/oss-security/2023/12/26/4
reference_id 4
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url http://www.openwall.com/lists/oss-security/2023/12/26/4
7
reference_url https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
reference_id 7ef3787c84b6b524501211b11a26c742f829af1a
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a
8
reference_url https://security.netapp.com/advisory/ntap-20240105-0005/
reference_id ntap-20240105-0005
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url https://security.netapp.com/advisory/ntap-20240105-0005/
9
reference_url https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
reference_id openssh-proxycommand-libssh-rce.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/
url https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html
10
reference_url https://access.redhat.com/errata/RHSA-2024:0429
reference_id RHSA-2024:0429
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0429
11
reference_url https://access.redhat.com/errata/RHSA-2024:0455
reference_id RHSA-2024:0455
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0455
12
reference_url https://access.redhat.com/errata/RHSA-2024:0594
reference_id RHSA-2024:0594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0594
13
reference_url https://access.redhat.com/errata/RHSA-2024:0606
reference_id RHSA-2024:0606
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0606
14
reference_url https://access.redhat.com/errata/RHSA-2024:1130
reference_id RHSA-2024:1130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1130
15
reference_url https://access.redhat.com/errata/RHSA-2024:1383
reference_id RHSA-2024:1383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1383
16
reference_url https://access.redhat.com/errata/RHSA-2026:1790
reference_id RHSA-2026:1790
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1790
17
reference_url https://access.redhat.com/errata/RHSA-2026:22329
reference_id RHSA-2026:22329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22329
18
reference_url https://usn.ubuntu.com/6560-2/
reference_id USN-6560-2
reference_type
scores
url https://usn.ubuntu.com/6560-2/
19
reference_url https://usn.ubuntu.com/6560-3/
reference_id USN-6560-3
reference_type
scores
url https://usn.ubuntu.com/6560-3/
20
reference_url https://usn.ubuntu.com/6565-1/
reference_id USN-6565-1
reference_type
scores
url https://usn.ubuntu.com/6565-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u2%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.6p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.6p1-1%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2023-51385
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ugpp-5sa1-x7hq
88
url VCID-v4vu-tr2g-k3d1
vulnerability_id VCID-v4vu-tr2g-k3d1
summary Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1358
reference_id
reference_type
scores
0
value 0.04128
scoring_system epss
scoring_elements 0.88832
published_at 2026-06-04T12:55:00Z
1
value 0.04128
scoring_system epss
scoring_elements 0.8885
published_at 2026-06-06T12:55:00Z
2
value 0.04128
scoring_system epss
scoring_elements 0.88847
published_at 2026-06-08T12:55:00Z
3
value 0.04128
scoring_system epss
scoring_elements 0.88864
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1358
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-1358
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v4vu-tr2g-k3d1
89
url VCID-v674-zesy-4khe
vulnerability_id VCID-v674-zesy-4khe
summary The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5107.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5107.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-5107
reference_id
reference_type
scores
0
value 0.01905
scoring_system epss
scoring_elements 0.83592
published_at 2026-06-04T12:55:00Z
1
value 0.01905
scoring_system epss
scoring_elements 0.83616
published_at 2026-06-05T12:55:00Z
2
value 0.02271
scoring_system epss
scoring_elements 0.84979
published_at 2026-06-09T12:55:00Z
3
value 0.02271
scoring_system epss
scoring_elements 0.8498
published_at 2026-06-06T12:55:00Z
4
value 0.02271
scoring_system epss
scoring_elements 0.84974
published_at 2026-06-07T12:55:00Z
5
value 0.02271
scoring_system epss
scoring_elements 0.84964
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-5107
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107
3
reference_url http://www.openwall.com/lists/oss-security/2013/02/07/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url http://www.openwall.com/lists/oss-security/2013/02/07/3
4
reference_url http://www.securityfocus.com/bid/58162
reference_id 58162
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url http://www.securityfocus.com/bid/58162
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700102
reference_id 700102
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700102
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=908707
reference_id 908707
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=908707
7
reference_url https://security.gentoo.org/glsa/201405-06
reference_id GLSA-201405-06
reference_type
scores
url https://security.gentoo.org/glsa/201405-06
8
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id linuxbulletinjan2016-2867209.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
9
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515
reference_id oval%3Aorg.mitre.oval%3Adef%3A19515
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515
10
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595
reference_id oval%3Aorg.mitre.oval%3Adef%3A19595
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595
11
reference_url https://access.redhat.com/errata/RHSA-2013:1527
reference_id RHSA-2013:1527
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1527
12
reference_url https://access.redhat.com/errata/RHSA-2013:1591
reference_id RHSA-2013:1591
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1591
13
reference_url http://rhn.redhat.com/errata/RHSA-2013-1591.html
reference_id RHSA-2013-1591.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url http://rhn.redhat.com/errata/RHSA-2013-1591.html
14
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234
reference_id servconf.c?r1=1.234#rev1.234
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234
15
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156
reference_id sshd_config.5?r1=1.156#rev1.156
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156
16
reference_url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89
reference_id sshd_config?r1=1.89#rev1.89
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/
url http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89
fixed_packages
0
url pkg:deb/debian/openssh@1:6.0p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:6.0p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2010-5107
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v674-zesy-4khe
90
url VCID-vdfz-zwyf-x3he
vulnerability_id VCID-vdfz-zwyf-x3he
summary sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-0765
reference_id
reference_type
scores
0
value 0.00602
scoring_system epss
scoring_elements 0.69903
published_at 2026-06-04T12:55:00Z
1
value 0.00602
scoring_system epss
scoring_elements 0.69943
published_at 2026-06-05T12:55:00Z
2
value 0.00602
scoring_system epss
scoring_elements 0.69952
published_at 2026-06-06T12:55:00Z
3
value 0.00602
scoring_system epss
scoring_elements 0.69938
published_at 2026-06-07T12:55:00Z
4
value 0.00602
scoring_system epss
scoring_elements 0.69926
published_at 2026-06-08T12:55:00Z
5
value 0.00602
scoring_system epss
scoring_elements 0.69949
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-0765
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0765
fixed_packages
0
url pkg:deb/debian/openssh@1:3.3p1-0.0woody1?distro=trixie
purl pkg:deb/debian/openssh@1:3.3p1-0.0woody1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.3p1-0.0woody1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-0765
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdfz-zwyf-x3he
91
url VCID-w1dk-kqq2-duft
vulnerability_id VCID-w1dk-kqq2-duft
summary sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remote attackers to cause a denial of service (connection consumption).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2069.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2069.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-2069
reference_id
reference_type
scores
0
value 0.0485
scoring_system epss
scoring_elements 0.89723
published_at 2026-06-04T12:55:00Z
1
value 0.0485
scoring_system epss
scoring_elements 0.8974
published_at 2026-06-05T12:55:00Z
2
value 0.0485
scoring_system epss
scoring_elements 0.89742
published_at 2026-06-08T12:55:00Z
3
value 0.0485
scoring_system epss
scoring_elements 0.89741
published_at 2026-06-07T12:55:00Z
4
value 0.0485
scoring_system epss
scoring_elements 0.89756
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-2069
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2069
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617421
reference_id 1617421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617421
4
reference_url https://access.redhat.com/errata/RHSA-2005:550
reference_id RHSA-2005:550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:550
fixed_packages
0
url pkg:deb/debian/openssh@1:3.8p1?distro=trixie
purl pkg:deb/debian/openssh@1:3.8p1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.8p1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2004-2069
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w1dk-kqq2-duft
92
url VCID-wfdm-asd6-n7gp
vulnerability_id VCID-wfdm-asd6-n7gp
summary Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5161.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5161.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-5161
reference_id
reference_type
scores
0
value 0.0164
scoring_system epss
scoring_elements 0.8231
published_at 2026-06-07T12:55:00Z
1
value 0.0164
scoring_system epss
scoring_elements 0.82318
published_at 2026-06-09T12:55:00Z
2
value 0.0164
scoring_system epss
scoring_elements 0.82304
published_at 2026-06-08T12:55:00Z
3
value 0.01854
scoring_system epss
scoring_elements 0.83371
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-5161
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161
3
reference_url http://www.vupen.com/english/advisories/2009/1135
reference_id 1135
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.vupen.com/english/advisories/2009/1135
4
reference_url http://support.attachmate.com/techdocs/2398.html
reference_id 2398.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://support.attachmate.com/techdocs/2398.html
5
reference_url http://www.vupen.com/english/advisories/2008/3172
reference_id 3172
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.vupen.com/english/advisories/2008/3172
6
reference_url http://www.vupen.com/english/advisories/2008/3173
reference_id 3173
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.vupen.com/english/advisories/2008/3173
7
reference_url http://www.vupen.com/english/advisories/2009/3184
reference_id 3184
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.vupen.com/english/advisories/2009/3184
8
reference_url http://www.securityfocus.com/bid/32319
reference_id 32319
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.securityfocus.com/bid/32319
9
reference_url http://secunia.com/advisories/32740
reference_id 32740
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://secunia.com/advisories/32740
10
reference_url http://secunia.com/advisories/32760
reference_id 32760
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://secunia.com/advisories/32760
11
reference_url http://secunia.com/advisories/32833
reference_id 32833
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://secunia.com/advisories/32833
12
reference_url http://secunia.com/advisories/33121
reference_id 33121
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://secunia.com/advisories/33121
13
reference_url http://secunia.com/advisories/33308
reference_id 33308
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://secunia.com/advisories/33308
14
reference_url http://www.vupen.com/english/advisories/2008/3409
reference_id 3409
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.vupen.com/english/advisories/2008/3409
15
reference_url http://secunia.com/advisories/34857
reference_id 34857
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://secunia.com/advisories/34857
16
reference_url http://secunia.com/advisories/36558
reference_id 36558
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://secunia.com/advisories/36558
17
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/46620
reference_id 46620
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url https://exchange.xforce.ibmcloud.com/vulnerabilities/46620
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=472068
reference_id 472068
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=472068
19
reference_url http://osvdb.org/49872
reference_id 49872
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://osvdb.org/49872
20
reference_url http://osvdb.org/50035
reference_id 50035
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://osvdb.org/50035
21
reference_url http://osvdb.org/50036
reference_id 50036
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://osvdb.org/50036
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506115
reference_id 506115
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506115
23
reference_url http://www.ssh.com/company/news/article/953/
reference_id 953
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.ssh.com/company/news/article/953/
24
reference_url http://www.kb.cert.org/vuls/id/958563
reference_id 958563
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.kb.cert.org/vuls/id/958563
25
reference_url http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm
reference_id ASA-2008-503.htm
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm
26
reference_url http://openssh.org/txt/cbc.adv
reference_id cbc.adv
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://openssh.org/txt/cbc.adv
27
reference_url http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html
reference_id CPNI957037.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html
28
reference_url http://isc.sans.org/diary.html?storyid=5366
reference_id diary.html?storyid=5366
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://isc.sans.org/diary.html?storyid=5366
29
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
reference_id docDisplay?docId=emr_na-c05157667
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
30
reference_url http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1
reference_id document.do?assetkey=1-66-247186-1
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1
31
reference_url https://security.gentoo.org/glsa/201405-06
reference_id GLSA-201405-06
reference_type
scores
url https://security.gentoo.org/glsa/201405-06
32
reference_url http://support.apple.com/kb/HT3937
reference_id HT3937
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://support.apple.com/kb/HT3937
33
reference_url http://www.securitytracker.com/id?1021235
reference_id id?1021235
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.securitytracker.com/id?1021235
34
reference_url http://www.securitytracker.com/id?1021236
reference_id id?1021236
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.securitytracker.com/id?1021236
35
reference_url http://www.securitytracker.com/id?1021382
reference_id id?1021382
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.securitytracker.com/id?1021382
36
reference_url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
reference_id index?page=content&id=JSA10705
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
37
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10106
reference_id index?page=content&id=SB10106
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10106
38
reference_url https://kc.mcafee.com/corporate/index?page=content&id=SB10163
reference_id index?page=content&id=SB10163
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url https://kc.mcafee.com/corporate/index?page=content&id=SB10163
39
reference_url http://marc.info/?l=bugtraq&m=125017764422557&w=2
reference_id ?l=bugtraq&m=125017764422557&w=2
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://marc.info/?l=bugtraq&m=125017764422557&w=2
40
reference_url http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
reference_id msg00000.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
41
reference_url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279
reference_id oval%3Aorg.mitre.oval%3Adef%3A11279
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279
42
reference_url https://access.redhat.com/errata/RHSA-2009:1287
reference_id RHSA-2009:1287
reference_type
scores
url https://access.redhat.com/errata/RHSA-2009:1287
43
reference_url http://rhn.redhat.com/errata/RHSA-2009-1287.html
reference_id RHSA-2009-1287.html
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://rhn.redhat.com/errata/RHSA-2009-1287.html
44
reference_url http://www.securityfocus.com/archive/1/498558/100/0/threaded
reference_id threaded
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.securityfocus.com/archive/1/498558/100/0/threaded
45
reference_url http://www.securityfocus.com/archive/1/498579/100/0/threaded
reference_id threaded
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.securityfocus.com/archive/1/498579/100/0/threaded
46
reference_url http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
reference_id Vulnerability_Advisory_SSH.txt
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/
url http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
fixed_packages
0
url pkg:deb/debian/openssh@1:5.1p1-5?distro=trixie
purl pkg:deb/debian/openssh@1:5.1p1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:5.1p1-5%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2008-5161
risk_score 6.6
exploitability 2.0
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wfdm-asd6-n7gp
93
url VCID-wyhg-ehh4-n3dq
vulnerability_id VCID-wyhg-ehh4-n3dq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25136.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25136.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25136
reference_id
reference_type
scores
0
value 0.88329
scoring_system epss
scoring_elements 0.99512
published_at 2026-06-04T12:55:00Z
1
value 0.88329
scoring_system epss
scoring_elements 0.99514
published_at 2026-06-08T12:55:00Z
2
value 0.88329
scoring_system epss
scoring_elements 0.99515
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25136
2
reference_url https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/017_sshd.patch.sig
reference_id 017_sshd.patch.sig
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://ftp.openbsd.org/pub/OpenBSD/patches/7.2/common/017_sshd.patch.sig
3
reference_url http://www.openwall.com/lists/oss-security/2023/02/13/1
reference_id 1
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url http://www.openwall.com/lists/oss-security/2023/02/13/1
4
reference_url http://www.openwall.com/lists/oss-security/2023/02/22/1
reference_id 1
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url http://www.openwall.com/lists/oss-security/2023/02/22/1
5
reference_url http://www.openwall.com/lists/oss-security/2023/03/06/1
reference_id 1
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url http://www.openwall.com/lists/oss-security/2023/03/06/1
6
reference_url https://www.openwall.com/lists/oss-security/2023/02/02/2
reference_id 2
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://www.openwall.com/lists/oss-security/2023/02/02/2
7
reference_url http://www.openwall.com/lists/oss-security/2023/02/22/2
reference_id 2
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url http://www.openwall.com/lists/oss-security/2023/02/22/2
8
reference_url http://www.openwall.com/lists/oss-security/2023/03/09/2
reference_id 2
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url http://www.openwall.com/lists/oss-security/2023/03/09/2
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2167636
reference_id 2167636
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2167636
10
reference_url http://www.openwall.com/lists/oss-security/2023/02/23/3
reference_id 3
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url http://www.openwall.com/lists/oss-security/2023/02/23/3
11
reference_url https://github.com/openssh/openssh-portable/commit/486c4dc3b83b4b67d663fb0fa62bc24138ec3946
reference_id 486c4dc3b83b4b67d663fb0fa62bc24138ec3946
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://github.com/openssh/openssh-portable/commit/486c4dc3b83b4b67d663fb0fa62bc24138ec3946
12
reference_url https://security.archlinux.org/AVG-2832
reference_id AVG-2832
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2832
13
reference_url https://security.gentoo.org/glsa/202307-01
reference_id GLSA-202307-01
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://security.gentoo.org/glsa/202307-01
14
reference_url https://news.ycombinator.com/item?id=34711565
reference_id item?id=34711565
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://news.ycombinator.com/item?id=34711565
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JGAUIXJ3TEKCRKVWFQ6GDAGQFTIIGQQP/
reference_id JGAUIXJ3TEKCRKVWFQ6GDAGQFTIIGQQP
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JGAUIXJ3TEKCRKVWFQ6GDAGQFTIIGQQP/
16
reference_url https://security.netapp.com/advisory/ntap-20230309-0003/
reference_id ntap-20230309-0003
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://security.netapp.com/advisory/ntap-20230309-0003/
17
reference_url https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/
reference_id openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7LKQDFZWKYHQ65TBSH2X2HJQ4V2THS3/
reference_id R7LKQDFZWKYHQ65TBSH2X2HJQ4V2THS3
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7LKQDFZWKYHQ65TBSH2X2HJQ4V2THS3/
19
reference_url https://access.redhat.com/errata/RHSA-2023:2645
reference_id RHSA-2023:2645
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2645
20
reference_url https://bugzilla.mindrot.org/show_bug.cgi?id=3522
reference_id show_bug.cgi?id=3522
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-27T17:36:59Z/
url https://bugzilla.mindrot.org/show_bug.cgi?id=3522
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-1%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2023-25136
risk_score 10.0
exploitability 2.0
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wyhg-ehh4-n3dq
94
url VCID-xveu-shk1-b3fa
vulnerability_id VCID-xveu-shk1-b3fa
summary The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2008-2285
reference_id
reference_type
scores
0
value 0.00356
scoring_system epss
scoring_elements 0.58144
published_at 2026-06-04T12:55:00Z
1
value 0.00356
scoring_system epss
scoring_elements 0.58194
published_at 2026-06-05T12:55:00Z
2
value 0.00356
scoring_system epss
scoring_elements 0.58203
published_at 2026-06-06T12:55:00Z
3
value 0.00356
scoring_system epss
scoring_elements 0.58191
published_at 2026-06-07T12:55:00Z
4
value 0.00356
scoring_system epss
scoring_elements 0.58176
published_at 2026-06-08T12:55:00Z
5
value 0.00356
scoring_system epss
scoring_elements 0.58193
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2008-2285
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2285
2
reference_url https://usn.ubuntu.com/612-5/
reference_id USN-612-5
reference_type
scores
url https://usn.ubuntu.com/612-5/
fixed_packages
0
url pkg:deb/debian/openssh@1:4.7p1-10?distro=trixie
purl pkg:deb/debian/openssh@1:4.7p1-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:4.7p1-10%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2008-2285
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xveu-shk1-b3fa
95
url VCID-y2sq-esrz-1bcc
vulnerability_id VCID-y2sq-esrz-1bcc
summary Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0695.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0695.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0695
reference_id
reference_type
scores
0
value 0.01015
scoring_system epss
scoring_elements 0.77496
published_at 2026-06-04T12:55:00Z
1
value 0.01015
scoring_system epss
scoring_elements 0.77523
published_at 2026-06-07T12:55:00Z
2
value 0.01015
scoring_system epss
scoring_elements 0.77531
published_at 2026-06-06T12:55:00Z
3
value 0.01015
scoring_system epss
scoring_elements 0.77512
published_at 2026-06-08T12:55:00Z
4
value 0.01015
scoring_system epss
scoring_elements 0.77534
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0695
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0695
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617071
reference_id 1617071
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617071
4
reference_url https://access.redhat.com/errata/RHSA-2003:279
reference_id RHSA-2003:279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:279
5
reference_url https://access.redhat.com/errata/RHSA-2003:280
reference_id RHSA-2003:280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:280
fixed_packages
0
url pkg:deb/debian/openssh@1:3.7.1?distro=trixie
purl pkg:deb/debian/openssh@1:3.7.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.7.1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2003-0695
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2sq-esrz-1bcc
96
url VCID-y57k-m5yk-6qan
vulnerability_id VCID-y57k-m5yk-6qan
summary OpenSSH: OpenSSH: Arbitrary command execution via shell metacharacters in username
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35386.json
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35386.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35386
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.10577
published_at 2026-06-05T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.10475
published_at 2026-06-08T12:55:00Z
2
value 0.00034
scoring_system epss
scoring_elements 0.10562
published_at 2026-06-07T12:55:00Z
3
value 0.00034
scoring_system epss
scoring_elements 0.106
published_at 2026-06-06T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.12284
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35386
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35386
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132573
reference_id 1132573
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132573
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454506
reference_id 2454506
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454506
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:12:12Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:12:12Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:12:12Z/
url https://www.openssh.org/releasenotes.html#10.3p1
9
reference_url https://access.redhat.com/errata/RHSA-2026:12389
reference_id RHSA-2026:12389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12389
10
reference_url https://access.redhat.com/errata/RHSA-2026:13380
reference_id RHSA-2026:13380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13380
11
reference_url https://access.redhat.com/errata/RHSA-2026:13381
reference_id RHSA-2026:13381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13381
12
reference_url https://access.redhat.com/errata/RHSA-2026:13383
reference_id RHSA-2026:13383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13383
13
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
14
reference_url https://access.redhat.com/errata/RHSA-2026:16059
reference_id RHSA-2026:16059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16059
15
reference_url https://access.redhat.com/errata/RHSA-2026:19069
reference_id RHSA-2026:19069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19069
16
reference_url https://access.redhat.com/errata/RHSA-2026:19219
reference_id RHSA-2026:19219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19219
17
reference_url https://access.redhat.com/errata/RHSA-2026:21275
reference_id RHSA-2026:21275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21275
18
reference_url https://access.redhat.com/errata/RHSA-2026:21298
reference_id RHSA-2026:21298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21298
19
reference_url https://access.redhat.com/errata/RHSA-2026:21398
reference_id RHSA-2026:21398
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21398
20
reference_url https://access.redhat.com/errata/RHSA-2026:22329
reference_id RHSA-2026:22329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22329
21
reference_url https://access.redhat.com/errata/RHSA-2026:22564
reference_id RHSA-2026:22564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22564
22
reference_url https://access.redhat.com/errata/RHSA-2026:22648
reference_id RHSA-2026:22648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22648
23
reference_url https://usn.ubuntu.com/8222-1/
reference_id USN-8222-1
reference_type
scores
url https://usn.ubuntu.com/8222-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u7%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u3%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2026-35386
risk_score 1.6
exploitability 0.5
weighted_severity 3.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y57k-m5yk-6qan
97
url VCID-yc7n-uqhg-wyhk
vulnerability_id VCID-yc7n-uqhg-wyhk
summary OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35385.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-35385.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35385
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.1849
published_at 2026-06-05T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18374
published_at 2026-06-08T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.18455
published_at 2026-06-07T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.18493
published_at 2026-06-06T12:55:00Z
4
value 0.00067
scoring_system epss
scoring_elements 0.20833
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35385
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35385
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-35385
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132572
reference_id 1132572
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132572
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454469
reference_id 2454469
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454469
6
reference_url https://www.openwall.com/lists/oss-security/2026/04/02/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:06:07Z/
url https://www.openwall.com/lists/oss-security/2026/04/02/3
7
reference_url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
reference_id ?l=openssh-unix-dev&m=177513443901484&w=2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:06:07Z/
url https://marc.info/?l=openssh-unix-dev&m=177513443901484&w=2
8
reference_url https://www.openssh.org/releasenotes.html#10.3p1
reference_id releasenotes.html#10.3p1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-02T17:06:07Z/
url https://www.openssh.org/releasenotes.html#10.3p1
9
reference_url https://access.redhat.com/errata/RHSA-2026:12389
reference_id RHSA-2026:12389
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:12389
10
reference_url https://access.redhat.com/errata/RHSA-2026:13380
reference_id RHSA-2026:13380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13380
11
reference_url https://access.redhat.com/errata/RHSA-2026:13381
reference_id RHSA-2026:13381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13381
12
reference_url https://access.redhat.com/errata/RHSA-2026:13383
reference_id RHSA-2026:13383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:13383
13
reference_url https://access.redhat.com/errata/RHSA-2026:14937
reference_id RHSA-2026:14937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:14937
14
reference_url https://access.redhat.com/errata/RHSA-2026:16059
reference_id RHSA-2026:16059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:16059
15
reference_url https://access.redhat.com/errata/RHSA-2026:19069
reference_id RHSA-2026:19069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19069
16
reference_url https://access.redhat.com/errata/RHSA-2026:19219
reference_id RHSA-2026:19219
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:19219
17
reference_url https://access.redhat.com/errata/RHSA-2026:20040
reference_id RHSA-2026:20040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:20040
18
reference_url https://access.redhat.com/errata/RHSA-2026:21275
reference_id RHSA-2026:21275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21275
19
reference_url https://access.redhat.com/errata/RHSA-2026:21298
reference_id RHSA-2026:21298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21298
20
reference_url https://access.redhat.com/errata/RHSA-2026:21398
reference_id RHSA-2026:21398
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:21398
21
reference_url https://access.redhat.com/errata/RHSA-2026:22329
reference_id RHSA-2026:22329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22329
22
reference_url https://access.redhat.com/errata/RHSA-2026:22468
reference_id RHSA-2026:22468
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22468
23
reference_url https://access.redhat.com/errata/RHSA-2026:22564
reference_id RHSA-2026:22564
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22564
24
reference_url https://access.redhat.com/errata/RHSA-2026:22648
reference_id RHSA-2026:22648
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:22648
25
reference_url https://usn.ubuntu.com/8222-1/
reference_id USN-8222-1
reference_type
scores
url https://usn.ubuntu.com/8222-1/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u7%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u3%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2026-35385
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yc7n-uqhg-wyhk
98
url VCID-ye33-vf29-ubds
vulnerability_id VCID-ye33-vf29-ubds
summary SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1715
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.27949
published_at 2026-06-04T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.28018
published_at 2026-06-05T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.27968
published_at 2026-06-06T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.27932
published_at 2026-06-07T12:55:00Z
4
value 0.00104
scoring_system epss
scoring_elements 0.27888
published_at 2026-06-08T12:55:00Z
5
value 0.00104
scoring_system epss
scoring_elements 0.27895
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1715
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21398.txt
reference_id CVE-2002-1715;OSVDB-23589
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/21398.txt
2
reference_url https://www.securityfocus.com/bid/4547/info
reference_id CVE-2002-1715;OSVDB-23589
reference_type exploit
scores
url https://www.securityfocus.com/bid/4547/info
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-1715
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ye33-vf29-ubds
99
url VCID-yf3t-3w2v-x3gg
vulnerability_id VCID-yf3t-3w2v-x3gg
summary FreeBSD 9.1, 9.2, and 10.0, when compiling OpenSSH with Kerberos support, uses incorrect library ordering when linking sshd, which causes symbols to be resolved incorrectly and allows remote attackers to cause a denial of service (sshd deadlock and prevention of new connections) by ending multiple connections before authentication is completed.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8475
reference_id
reference_type
scores
0
value 0.0127
scoring_system epss
scoring_elements 0.79828
published_at 2026-06-04T12:55:00Z
1
value 0.0127
scoring_system epss
scoring_elements 0.79854
published_at 2026-06-07T12:55:00Z
2
value 0.0127
scoring_system epss
scoring_elements 0.79859
published_at 2026-06-06T12:55:00Z
3
value 0.0127
scoring_system epss
scoring_elements 0.79844
published_at 2026-06-08T12:55:00Z
4
value 0.0127
scoring_system epss
scoring_elements 0.79862
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8475
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2014-8475
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yf3t-3w2v-x3gg
100
url VCID-yf3u-639n-ake8
vulnerability_id VCID-yf3u-639n-ake8
summary The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8858.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8858.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8858
reference_id
reference_type
scores
0
value 0.31178
scoring_system epss
scoring_elements 0.96867
published_at 2026-06-09T12:55:00Z
1
value 0.31178
scoring_system epss
scoring_elements 0.96853
published_at 2026-06-04T12:55:00Z
2
value 0.31178
scoring_system epss
scoring_elements 0.96858
published_at 2026-06-05T12:55:00Z
3
value 0.31178
scoring_system epss
scoring_elements 0.96862
published_at 2026-06-08T12:55:00Z
4
value 0.31178
scoring_system epss
scoring_elements 0.96863
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8858
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8858
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8858
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig
reference_id 013_ssh_kexinit.patch.sig
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/013_ssh_kexinit.patch.sig
5
reference_url http://www.openwall.com/lists/oss-security/2016/10/20/1
reference_id 1
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url http://www.openwall.com/lists/oss-security/2016/10/20/1
6
reference_url http://www.securitytracker.com/id/1037057
reference_id 1037057
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url http://www.securitytracker.com/id/1037057
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1384860
reference_id 1384860
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=1384860
8
reference_url http://www.openwall.com/lists/oss-security/2016/10/19/3
reference_id 3
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url http://www.openwall.com/lists/oss-security/2016/10/19/3
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841884
reference_id 841884
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841884
10
reference_url http://www.securityfocus.com/bid/93776
reference_id 93776
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url http://www.securityfocus.com/bid/93776
11
reference_url https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad
reference_id ec165c392ca54317dbe3064a8c200de6531e89ad
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe3064a8c200de6531e89ad
12
reference_url https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc
reference_id FreeBSD-SA-16:33.openssh.asc
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url https://security.FreeBSD.org/advisories/FreeBSD-SA-16:33.openssh.asc
13
reference_url https://security.gentoo.org/glsa/201612-18
reference_id GLSA-201612-18
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url https://security.gentoo.org/glsa/201612-18
14
reference_url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126&r2=1.127&f=h
reference_id kex.c.diff?r1=1.126&r2=1.127&f=h
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.126&r2=1.127&f=h
15
reference_url https://security.netapp.com/advisory/ntap-20180201-0001/
reference_id ntap-20180201-0001
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url https://security.netapp.com/advisory/ntap-20180201-0001/
16
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
17
reference_url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
reference_id x-cvsweb-markup
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-15T16:36:39Z/
url http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/kex.c?rev=1.127&content-type=text/x-cvsweb-markup
fixed_packages
0
url pkg:deb/debian/openssh@1:7.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:7.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.3p1-2%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-8858
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yf3u-639n-ake8
101
url VCID-yn56-bpaq-xfaj
vulnerability_id VCID-yn56-bpaq-xfaj
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6109.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6109.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-6109
reference_id
reference_type
scores
0
value 0.09738
scoring_system epss
scoring_elements 0.93098
published_at 2026-06-05T12:55:00Z
1
value 0.09738
scoring_system epss
scoring_elements 0.93093
published_at 2026-06-07T12:55:00Z
2
value 0.09738
scoring_system epss
scoring_elements 0.93087
published_at 2026-06-04T12:55:00Z
3
value 0.09738
scoring_system epss
scoring_elements 0.931
published_at 2026-06-09T12:55:00Z
4
value 0.09738
scoring_system epss
scoring_elements 0.93091
published_at 2026-06-08T12:55:00Z
5
value 0.09738
scoring_system epss
scoring_elements 0.93097
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-6109
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1666119
reference_id 1666119
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1666119
7
reference_url https://usn.ubuntu.com/3885-1/
reference_id 3885-1
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://usn.ubuntu.com/3885-1/
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793412
reference_id 793412
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793412
9
reference_url https://security.archlinux.org/ASA-201904-11
reference_id ASA-201904-11
reference_type
scores
url https://security.archlinux.org/ASA-201904-11
10
reference_url https://security.archlinux.org/AVG-951
reference_id AVG-951
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-951
11
reference_url https://www.debian.org/security/2019/dsa-4387
reference_id dsa-4387
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://www.debian.org/security/2019/dsa-4387
12
reference_url https://security.gentoo.org/glsa/201903-16
reference_id GLSA-201903-16
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://security.gentoo.org/glsa/201903-16
13
reference_url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
reference_id msg00030.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html
14
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html
reference_id msg00058.html
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html
15
reference_url https://security.netapp.com/advisory/ntap-20190213-0001/
reference_id ntap-20190213-0001
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://security.netapp.com/advisory/ntap-20190213-0001/
16
reference_url https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c
reference_id progressmeter.c
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://cvsweb.openbsd.org/src/usr.bin/ssh/progressmeter.c
17
reference_url https://access.redhat.com/errata/RHSA-2019:3702
reference_id RHSA-2019:3702
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://access.redhat.com/errata/RHSA-2019:3702
18
reference_url https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
reference_id scp.c
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c
19
reference_url https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
reference_id scp-client-multiple-vulnerabilities.txt
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
20
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/
reference_id W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G
reference_type
scores
0
value 6.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:13:52Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/
fixed_packages
0
url pkg:deb/debian/openssh@1:7.9p1-6?distro=trixie
purl pkg:deb/debian/openssh@1:7.9p1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-6%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2019-6109
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yn56-bpaq-xfaj
102
url VCID-zcz8-fkvt-wbh7
vulnerability_id VCID-zcz8-fkvt-wbh7
summary ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4327.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4327.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-4327
reference_id
reference_type
scores
0
value 0.00121
scoring_system epss
scoring_elements 0.3065
published_at 2026-06-04T12:55:00Z
1
value 0.00121
scoring_system epss
scoring_elements 0.30723
published_at 2026-06-05T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.3113
published_at 2026-06-08T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31153
published_at 2026-06-09T12:55:00Z
4
value 0.00124
scoring_system epss
scoring_elements 0.31198
published_at 2026-06-06T12:55:00Z
5
value 0.00124
scoring_system epss
scoring_elements 0.31162
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-4327
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=755640
reference_id 755640
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:31:12Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=755640
3
reference_url http://www.openssh.com/txt/portable-keysign-rand-helper.adv
reference_id portable-keysign-rand-helper.adv
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:31:12Z/
url http://www.openssh.com/txt/portable-keysign-rand-helper.adv
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2011-4327
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zcz8-fkvt-wbh7
103
url VCID-zek8-zt8z-4qgh
vulnerability_id VCID-zek8-zt8z-4qgh
summary openssh: Remote code execution in ssh-agent PKCS#11 support
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38408.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38408.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-38408
reference_id
reference_type
scores
0
value 0.64352
scoring_system epss
scoring_elements 0.98466
published_at 2026-06-08T12:55:00Z
1
value 0.64352
scoring_system epss
scoring_elements 0.98465
published_at 2026-06-09T12:55:00Z
2
value 0.64352
scoring_system epss
scoring_elements 0.98467
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-38408
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.openwall.com/lists/oss-security/2023/07/20/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://www.openwall.com/lists/oss-security/2023/07/20/1
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042460
reference_id 1042460
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042460
6
reference_url http://www.openwall.com/lists/oss-security/2023/09/22/11
reference_id 11
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://www.openwall.com/lists/oss-security/2023/09/22/11
7
reference_url http://www.openwall.com/lists/oss-security/2023/07/20/2
reference_id 2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://www.openwall.com/lists/oss-security/2023/07/20/2
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2224173
reference_id 2224173
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2224173
9
reference_url https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8
reference_id 7bc29a9d5cd697290aa056e94ecee6253d3425f8
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8
10
reference_url http://www.openwall.com/lists/oss-security/2023/09/22/9
reference_id 9
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://www.openwall.com/lists/oss-security/2023/09/22/9
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/
reference_id CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/
12
reference_url https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent
reference_id cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent
13
reference_url https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408
reference_id exploring-opensshs-agent-forwarding-rce-cve-2023-38408
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408
14
reference_url https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d
reference_id f03a4faa55c4ce0818324701dadbf91988d7351d
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d
15
reference_url https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca
reference_id f8f5a6b003981bb824329dc987d101977beda7ca
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca
16
reference_url https://security.gentoo.org/glsa/202307-01
reference_id GLSA-202307-01
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://security.gentoo.org/glsa/202307-01
17
reference_url https://support.apple.com/kb/HT213940
reference_id HT213940
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://support.apple.com/kb/HT213940
18
reference_url https://news.ycombinator.com/item?id=36790196
reference_id item?id=36790196
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://news.ycombinator.com/item?id=36790196
19
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html
reference_id msg00021.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html
20
reference_url https://security.netapp.com/advisory/ntap-20230803-0010/
reference_id ntap-20230803-0010
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://security.netapp.com/advisory/ntap-20230803-0010/
21
reference_url http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
reference_id OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/
reference_id RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/
23
reference_url https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
reference_id rce-openssh-forwarded-ssh-agent.txt
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt
24
reference_url https://www.openssh.com/txt/release-9.3p2
reference_id release-9.3p2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.openssh.com/txt/release-9.3p2
25
reference_url https://access.redhat.com/errata/RHSA-2023:4329
reference_id RHSA-2023:4329
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4329
26
reference_url https://access.redhat.com/errata/RHSA-2023:4381
reference_id RHSA-2023:4381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4381
27
reference_url https://access.redhat.com/errata/RHSA-2023:4382
reference_id RHSA-2023:4382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4382
28
reference_url https://access.redhat.com/errata/RHSA-2023:4383
reference_id RHSA-2023:4383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4383
29
reference_url https://access.redhat.com/errata/RHSA-2023:4384
reference_id RHSA-2023:4384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4384
30
reference_url https://access.redhat.com/errata/RHSA-2023:4412
reference_id RHSA-2023:4412
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4412
31
reference_url https://access.redhat.com/errata/RHSA-2023:4413
reference_id RHSA-2023:4413
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4413
32
reference_url https://access.redhat.com/errata/RHSA-2023:4419
reference_id RHSA-2023:4419
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4419
33
reference_url https://access.redhat.com/errata/RHSA-2023:4428
reference_id RHSA-2023:4428
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4428
34
reference_url https://access.redhat.com/errata/RHSA-2023:4889
reference_id RHSA-2023:4889
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4889
35
reference_url https://www.openssh.com/security.html
reference_id security.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/
url https://www.openssh.com/security.html
36
reference_url https://usn.ubuntu.com/6242-1/
reference_id USN-6242-1
reference_type
scores
url https://usn.ubuntu.com/6242-1/
37
reference_url https://usn.ubuntu.com/6242-2/
reference_id USN-6242-2
reference_type
scores
url https://usn.ubuntu.com/6242-2/
fixed_packages
0
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:9.3p2-1?distro=trixie
purl pkg:deb/debian/openssh@1:9.3p2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.3p2-1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
7
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2023-38408
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zek8-zt8z-4qgh
104
url VCID-zm3p-3m17-47cy
vulnerability_id VCID-zm3p-3m17-47cy
summary The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-10012
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.06419
published_at 2026-06-09T12:55:00Z
1
value 0.00022
scoring_system epss
scoring_elements 0.06446
published_at 2026-06-04T12:55:00Z
2
value 0.00022
scoring_system epss
scoring_elements 0.06475
published_at 2026-06-05T12:55:00Z
3
value 0.00022
scoring_system epss
scoring_elements 0.06467
published_at 2026-06-06T12:55:00Z
4
value 0.00022
scoring_system epss
scoring_elements 0.06458
published_at 2026-06-07T12:55:00Z
5
value 0.00022
scoring_system epss
scoring_elements 0.06411
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-10012
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:S/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url http://www.securitytracker.com/id/1037490
reference_id 1037490
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url http://www.securitytracker.com/id/1037490
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406293
reference_id 1406293
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406293
6
reference_url http://www.openwall.com/lists/oss-security/2016/12/19/2
reference_id 2
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url http://www.openwall.com/lists/oss-security/2016/12/19/2
7
reference_url https://github.com/openbsd/src/commit/3095060f479b86288e31c79ecbc5131a66bcd2f9
reference_id 3095060f479b86288e31c79ecbc5131a66bcd2f9
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://github.com/openbsd/src/commit/3095060f479b86288e31c79ecbc5131a66bcd2f9
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717
reference_id 848717
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717
9
reference_url http://www.securityfocus.com/bid/94975
reference_id 94975
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url http://www.securityfocus.com/bid/94975
10
reference_url https://security.archlinux.org/ASA-201612-20
reference_id ASA-201612-20
reference_type
scores
url https://security.archlinux.org/ASA-201612-20
11
reference_url https://security.archlinux.org/AVG-110
reference_id AVG-110
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-110
12
reference_url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_id display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us
13
reference_url https://support.f5.com/csp/article/K62201745?utm_source=f5support&amp%3Butm_medium=RSS
reference_id K62201745?utm_source=f5support&amp%3Butm_medium=RSS
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://support.f5.com/csp/article/K62201745?utm_source=f5support&amp%3Butm_medium=RSS
14
reference_url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
reference_id msg00010.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html
15
reference_url https://security.netapp.com/advisory/ntap-20171130-0002/
reference_id ntap-20171130-0002
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://security.netapp.com/advisory/ntap-20171130-0002/
16
reference_url https://www.openssh.com/txt/release-7.4
reference_id release-7.4
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://www.openssh.com/txt/release-7.4
17
reference_url https://access.redhat.com/errata/RHSA-2017:2029
reference_id RHSA-2017:2029
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://access.redhat.com/errata/RHSA-2017:2029
18
reference_url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
reference_id ssa-412672.pdf
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
19
reference_url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_id viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/
url http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637
fixed_packages
0
url pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:7.4p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-1%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2016-10012
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zm3p-3m17-47cy
105
url VCID-zmqh-yb5v-t3aq
vulnerability_id VCID-zmqh-yb5v-t3aq
summary Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-1359
reference_id
reference_type
scores
0
value 0.86998
scoring_system epss
scoring_elements 0.99453
published_at 2026-06-04T12:55:00Z
1
value 0.86998
scoring_system epss
scoring_elements 0.99454
published_at 2026-06-05T12:55:00Z
2
value 0.86998
scoring_system epss
scoring_elements 0.99455
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-1359
1
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/1788.pm
reference_id CVE-2002-1359
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/1788.pm
2
reference_url http://www.rapid7.com/advisories/R7-0009.html
reference_id CVE-2002-1359
reference_type exploit
scores
url http://www.rapid7.com/advisories/R7-0009.html
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16463.rb
reference_id CVE-2002-1359;OSVDB-8044
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/16463.rb
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2002-1359
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zmqh-yb5v-t3aq
106
url VCID-znq7-k9ez-nyce
vulnerability_id VCID-znq7-k9ez-nyce
summary The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1653.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1653.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1653
reference_id
reference_type
scores
0
value 0.00389
scoring_system epss
scoring_elements 0.60245
published_at 2026-06-04T12:55:00Z
1
value 0.00389
scoring_system epss
scoring_elements 0.60292
published_at 2026-06-05T12:55:00Z
2
value 0.00389
scoring_system epss
scoring_elements 0.60295
published_at 2026-06-06T12:55:00Z
3
value 0.00389
scoring_system epss
scoring_elements 0.60282
published_at 2026-06-07T12:55:00Z
4
value 0.00389
scoring_system epss
scoring_elements 0.60265
published_at 2026-06-08T12:55:00Z
5
value 0.00389
scoring_system epss
scoring_elements 0.60283
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1653
fixed_packages
0
url pkg:deb/debian/openssh@0?distro=trixie
purl pkg:deb/debian/openssh@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@0%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ku5v-32rk-5qbv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-2%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie
aliases CVE-2004-1653
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znq7-k9ez-nyce
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-4%3Fdistro=trixie