{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","type":"ebuild","namespace":"net-misc","name":"openssh","version":"6.6_p1-r1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.1_p1-r2","latest_non_vulnerable_version":"9.9_p2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87497?format=json","vulnerability_id":"VCID-4hzf-4339-13b8","summary":"Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5161.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5161.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5161","reference_id":"","reference_type":"","scores":[{"value":"0.0164","scoring_system":"epss","scoring_elements":"0.8242","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0164","scoring_system":"epss","scoring_elements":"0.82355","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0164","scoring_system":"epss","scoring_elements":"0.82417","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0164","scoring_system":"epss","scoring_elements":"0.82426","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5161"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5161"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1135","reference_id":"1135","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.vupen.com/english/advisories/2009/1135"},{"reference_url":"http://support.attachmate.com/techdocs/2398.html","reference_id":"2398.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://support.attachmate.com/techdocs/2398.html"},{"reference_url":"http://www.vupen.com/english/advisories/2008/3172","reference_id":"3172","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.vupen.com/english/advisories/2008/3172"},{"reference_url":"http://www.vupen.com/english/advisories/2008/3173","reference_id":"3173","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.vupen.com/english/advisories/2008/3173"},{"reference_url":"http://www.vupen.com/english/advisories/2009/3184","reference_id":"3184","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.vupen.com/english/advisories/2009/3184"},{"reference_url":"http://www.securityfocus.com/bid/32319","reference_id":"32319","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.securityfocus.com/bid/32319"},{"reference_url":"http://secunia.com/advisories/32740","reference_id":"32740","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://secunia.com/advisories/32740"},{"reference_url":"http://secunia.com/advisories/32760","reference_id":"32760","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://secunia.com/advisories/32760"},{"reference_url":"http://secunia.com/advisories/32833","reference_id":"32833","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://secunia.com/advisories/32833"},{"reference_url":"http://secunia.com/advisories/33121","reference_id":"33121","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://secunia.com/advisories/33121"},{"reference_url":"http://secunia.com/advisories/33308","reference_id":"33308","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://secunia.com/advisories/33308"},{"reference_url":"http://www.vupen.com/english/advisories/2008/3409","reference_id":"3409","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.vupen.com/english/advisories/2008/3409"},{"reference_url":"http://secunia.com/advisories/34857","reference_id":"34857","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://secunia.com/advisories/34857"},{"reference_url":"http://secunia.com/advisories/36558","reference_id":"36558","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://secunia.com/advisories/36558"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46620","reference_id":"46620","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=472068","reference_id":"472068","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=472068"},{"reference_url":"http://osvdb.org/49872","reference_id":"49872","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://osvdb.org/49872"},{"reference_url":"http://osvdb.org/50035","reference_id":"50035","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://osvdb.org/50035"},{"reference_url":"http://osvdb.org/50036","reference_id":"50036","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://osvdb.org/50036"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506115","reference_id":"506115","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506115"},{"reference_url":"http://www.ssh.com/company/news/article/953/","reference_id":"953","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.ssh.com/company/news/article/953/"},{"reference_url":"http://www.kb.cert.org/vuls/id/958563","reference_id":"958563","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.kb.cert.org/vuls/id/958563"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm","reference_id":"ASA-2008-503.htm","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"},{"reference_url":"http://openssh.org/txt/cbc.adv","reference_id":"cbc.adv","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://openssh.org/txt/cbc.adv"},{"reference_url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html","reference_id":"CPNI957037.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"},{"reference_url":"http://isc.sans.org/diary.html?storyid=5366","reference_id":"diary.html?storyid=5366","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://isc.sans.org/diary.html?storyid=5366"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667","reference_id":"docDisplay?docId=emr_na-c05157667","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1","reference_id":"document.do?assetkey=1-66-247186-1","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"http://support.apple.com/kb/HT3937","reference_id":"HT3937","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://support.apple.com/kb/HT3937"},{"reference_url":"http://www.securitytracker.com/id?1021235","reference_id":"id?1021235","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.securitytracker.com/id?1021235"},{"reference_url":"http://www.securitytracker.com/id?1021236","reference_id":"id?1021236","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.securitytracker.com/id?1021236"},{"reference_url":"http://www.securitytracker.com/id?1021382","reference_id":"id?1021382","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.securitytracker.com/id?1021382"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","reference_id":"index?page=content&id=JSA10705","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10106","reference_id":"index?page=content&id=SB10106","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10106"},{"reference_url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163","reference_id":"index?page=content&id=SB10163","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163"},{"reference_url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2","reference_id":"?l=bugtraq&m=125017764422557&w=2","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A11279","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1287","reference_id":"RHSA-2009:1287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1287"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2009-1287.html","reference_id":"RHSA-2009-1287.html","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2009-1287.html"},{"reference_url":"http://www.securityfocus.com/archive/1/498558/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.securityfocus.com/archive/1/498558/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/archive/1/498579/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.securityfocus.com/archive/1/498579/100/0/threaded"},{"reference_url":"http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt","reference_id":"Vulnerability_Advisory_SSH.txt","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:11:31Z/"}],"url":"http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}],"aliases":["CVE-2008-5161"],"risk_score":6.6,"exploitability":"2.0","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hzf-4339-13b8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87484?format=json","vulnerability_id":"VCID-8xuk-wu5f-6ygy","summary":"The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite.  NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys file in its own home directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0814.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0814","reference_id":"","reference_type":"","scores":[{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50698","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50694","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00268","scoring_system":"epss","scoring_elements":"0.50711","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00275","scoring_system":"epss","scoring_elements":"0.51293","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814"},{"reference_url":"http://openwall.com/lists/oss-security/2012/01/27/1","reference_id":"1","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://openwall.com/lists/oss-security/2012/01/27/1"},{"reference_url":"http://openwall.com/lists/oss-security/2012/01/26/15","reference_id":"15","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://openwall.com/lists/oss-security/2012/01/26/15"},{"reference_url":"http://openwall.com/lists/oss-security/2012/01/26/16","reference_id":"16","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://openwall.com/lists/oss-security/2012/01/26/16"},{"reference_url":"http://openwall.com/lists/oss-security/2012/01/27/4","reference_id":"4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://openwall.com/lists/oss-security/2012/01/27/4"},{"reference_url":"http://www.securityfocus.com/bid/51702","reference_id":"51702","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://www.securityfocus.com/bid/51702"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445","reference_id":"657445","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72756","reference_id":"72756","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/72756"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785292","reference_id":"785292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785292"},{"reference_url":"http://osvdb.org/78706","reference_id":"78706","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://osvdb.org/78706"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c","reference_id":"auth-options.c","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c.diff?r1=1.53%3Br2=1.54","reference_id":"auth-options.c.diff?r1=1.53%3Br2=1.54","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth-options.c.diff?r1=1.53%3Br2=1.54"},{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445","reference_id":"bugreport.cgi?bug=657445","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673","reference_id":"index?page=content&id=JSA10673","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-22T10:26:37Z/"}],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}],"aliases":["CVE-2012-0814"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xuk-wu5f-6ygy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199?format=json","vulnerability_id":"VCID-aws5-8ugp-f3cb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2532.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2532","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2815","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27952","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28163","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.28174","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1029925","reference_id":"1029925","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.securitytracker.com/id/1029925"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077843","reference_id":"1077843","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077843"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html","reference_id":"133537.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133537.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html","reference_id":"134026.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134026.html"},{"reference_url":"http://secunia.com/advisories/57488","reference_id":"57488","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://secunia.com/advisories/57488"},{"reference_url":"http://secunia.com/advisories/57574","reference_id":"57574","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://secunia.com/advisories/57574"},{"reference_url":"http://secunia.com/advisories/59313","reference_id":"59313","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://secunia.com/advisories/59313"},{"reference_url":"http://secunia.com/advisories/59855","reference_id":"59855","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://secunia.com/advisories/59855"},{"reference_url":"http://www.securityfocus.com/bid/66355","reference_id":"66355","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.securityfocus.com/bid/66355"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91986","reference_id":"91986","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91986"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:068","reference_id":"advisories?name=MDVSA-2014:068","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2014:068"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:095","reference_id":"advisories?name=MDVSA-2015:095","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2015:095"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html","reference_id":"cpuapr2016v3-2985753.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html","reference_id":"cpujul2018-4258247.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html","reference_id":"cpuoct2016-2881722.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"},{"reference_url":"http://www.debian.org/security/2014/dsa-2894","reference_id":"dsa-2894","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.debian.org/security/2014/dsa-2894"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"https://support.apple.com/HT205267","reference_id":"HT205267","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"https://support.apple.com/HT205267"},{"reference_url":"http://marc.info/?l=bugtraq&m=141576985122836&w=2","reference_id":"?l=bugtraq&m=141576985122836&w=2","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://marc.info/?l=bugtraq&m=141576985122836&w=2"},{"reference_url":"http://marc.info/?l=openbsd-security-announce&m=139492048027313&w=2","reference_id":"?l=openbsd-security-announce&m=139492048027313&w=2","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://marc.info/?l=openbsd-security-announce&m=139492048027313&w=2"},{"reference_url":"http://advisories.mageia.org/MGASA-2014-0143.html","reference_id":"MGASA-2014-0143.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://advisories.mageia.org/MGASA-2014-0143.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html","reference_id":"msg00008.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html"},{"reference_url":"http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc","reference_id":"openssh_advisory4.asc","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://aix.software.ibm.com/aix/efixes/security/openssh_advisory4.asc"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1552","reference_id":"RHSA-2014:1552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1552"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1552.html","reference_id":"RHSA-2014-1552.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1552.html"},{"reference_url":"https://usn.ubuntu.com/2155-1/","reference_id":"USN-2155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2155-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2155-1","reference_id":"USN-2155-1","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-28T17:40:36Z/"}],"url":"http://www.ubuntu.com/usn/USN-2155-1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}],"aliases":["CVE-2014-2532"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aws5-8ugp-f3cb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87305?format=json","vulnerability_id":"VCID-hstu-swz4-87g2","summary":"OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4478","reference_id":"","reference_type":"","scores":[{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.60021","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.60133","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.60141","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00383","scoring_system":"epss","scoring_elements":"0.60129","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4478"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=660642","reference_id":"660642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=660642"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673","reference_id":"index?page=content&id=JSA10673","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/"}],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"},{"reference_url":"https://github.com/seb-m/jpake","reference_id":"jpake","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/"}],"url":"https://github.com/seb-m/jpake"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h","reference_id":"jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/"}],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c.diff?r1=1.4%3Br2=1.5%3Bf=h"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5","reference_id":"jpake.c#rev1.5","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/"}],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/jpake.c#rev1.5"},{"reference_url":"http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf","reference_id":"jpake-session-key-retrieval.pdf","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/"}],"url":"http://seb.dbzteam.org/crypto/jpake-session-key-retrieval.pdf"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A12338","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12338"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=659297","reference_id":"show_bug.cgi?id=659297","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-28T18:51:26Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=659297"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}],"aliases":["CVE-2010-4478"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hstu-swz4-87g2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87299?format=json","vulnerability_id":"VCID-ub91-638t-zkg1","summary":"The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5107","reference_id":"","reference_type":"","scores":[{"value":"0.02271","scoring_system":"epss","scoring_elements":"0.8501","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02271","scoring_system":"epss","scoring_elements":"0.85064","published_at":"2026-06-14T12:55:00Z"},{"value":"0.02271","scoring_system":"epss","scoring_elements":"0.85071","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02271","scoring_system":"epss","scoring_elements":"0.85062","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/07/3","reference_id":"3","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://www.openwall.com/lists/oss-security/2013/02/07/3"},{"reference_url":"http://www.securityfocus.com/bid/58162","reference_id":"58162","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://www.securityfocus.com/bid/58162"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700102","reference_id":"700102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700102"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"cpujan2015-1972971.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"?l=bugtraq&m=144050155601375&w=2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"linuxbulletinjan2016-2867209.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A19515","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A19595","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1527","reference_id":"RHSA-2013:1527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1591","reference_id":"RHSA-2013:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1591"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1591.html","reference_id":"RHSA-2013-1591.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2013-1591.html"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234","reference_id":"servconf.c?r1=1.234#rev1.234","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=908707","reference_id":"show_bug.cgi?id=908707","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=908707"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156","reference_id":"sshd_config.5?r1=1.156#rev1.156","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89","reference_id":"sshd_config?r1=1.89#rev1.89","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:32:28Z/"}],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}],"aliases":["CVE-2010-5107"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ub91-638t-zkg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176883?format=json","vulnerability_id":"VCID-w614-bucg-hqby","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5000","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44956","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.45106","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.45121","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.45109","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=809938","reference_id":"809938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=809938"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0884","reference_id":"RHSA-2012:0884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0884"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}],"aliases":["CVE-2011-5000"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w614-bucg-hqby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176882?format=json","vulnerability_id":"VCID-ye6x-vq6y-7beb","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4755.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4755.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4755","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35603","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35783","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35803","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35786","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4755"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=681698","reference_id":"681698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=681698"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2214?format=json","purl":"pkg:ebuild/net-misc/openssh@6.6_p1-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}],"aliases":["CVE-2010-4755"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ye6x-vq6y-7beb"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/openssh@6.6_p1-r1"}