{"url":"http://public2.vulnerablecode.io/api/packages/446179?format=json","purl":"pkg:apk/alpine/openssh@7.4_p1-r0?arch=ppc64le&distroversion=v3.22&reponame=main","type":"apk","namespace":"alpine","name":"openssh","version":"7.4_p1-r0","qualifiers":{"arch":"ppc64le","distroversion":"v3.22","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.5_p1-r8","latest_non_vulnerable_version":"10.0_p1-r10","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96983?format=json","vulnerability_id":"VCID-dk46-7un2-z3bw","summary":"Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10009","reference_id":"","reference_type":"","scores":[{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81934","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81941","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81939","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81905","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.8194","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81949","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/07/20/1","reference_id":"1","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/07/20/1"},{"reference_url":"http://www.securitytracker.com/id/1037490","reference_id":"1037490","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://www.securitytracker.com/id/1037490"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406269","reference_id":"1406269","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406269"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/19/2","reference_id":"2","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/19/2"},{"reference_url":"http://seclists.org/fulldisclosure/2023/Jul/31","reference_id":"31","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://seclists.org/fulldisclosure/2023/Jul/31"},{"reference_url":"https://usn.ubuntu.com/3538-1/","reference_id":"3538-1","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://usn.ubuntu.com/3538-1/"},{"reference_url":"https://www.exploit-db.com/exploits/40963/","reference_id":"40963","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://www.exploit-db.com/exploits/40963/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714","reference_id":"848714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/07/19/9","reference_id":"9","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/07/19/9"},{"reference_url":"https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5","reference_id":"9476ce1dd37d3c3218d5640b74c34c65e5f4efe5","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://github.com/openbsd/src/commit/9476ce1dd37d3c3218d5640b74c34c65e5f4efe5"},{"reference_url":"http://www.securityfocus.com/bid/94968","reference_id":"94968","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://www.securityfocus.com/bid/94968"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1009","reference_id":"CVE-2016-10009","reference_type":"exploit","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1009"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt","reference_id":"CVE-2016-10009","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us"},{"reference_url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc","reference_id":"FreeBSD-SA-17:01.openssh.asc","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20171130-0002/","reference_id":"ntap-20171130-0002","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://security.netapp.com/advisory/ntap-20171130-0002/"},{"reference_url":"http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html","reference_id":"OpenSSH-Arbitrary-Library-Loading.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://packetstormsecurity.com/files/140261/OpenSSH-Arbitrary-Library-Loading.html"},{"reference_url":"http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html","reference_id":"OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://packetstormsecurity.com/files/173661/OpenSSH-Forwarded-SSH-Agent-Remote-Code-Execution.html"},{"reference_url":"https://www.openssh.com/txt/release-7.4","reference_id":"release-7.4","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://www.openssh.com/txt/release-7.4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"ssa-412672.pdf","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_id":"viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:23:45Z/"}],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446179?format=json","purl":"pkg:apk/alpine/openssh@7.4_p1-r0?arch=ppc64le&distroversion=v3.22&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssh@7.4_p1-r0%3Farch=ppc64le&distroversion=v3.22&reponame=main"}],"aliases":["CVE-2016-10009"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dk46-7un2-z3bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96984?format=json","vulnerability_id":"VCID-gpxr-fhh7-ubcm","summary":"sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10010.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10010","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24871","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24893","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24988","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24976","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24921","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24862","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037490","reference_id":"1037490","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"http://www.securitytracker.com/id/1037490"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406278","reference_id":"1406278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406278"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/19/2","reference_id":"2","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/19/2"},{"reference_url":"https://www.exploit-db.com/exploits/40962/","reference_id":"40962","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://www.exploit-db.com/exploits/40962/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848715","reference_id":"848715","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848715"},{"reference_url":"http://www.securityfocus.com/bid/94972","reference_id":"94972","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"http://www.securityfocus.com/bid/94972"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce","reference_id":"c76fac666ea038753294f2ac94d310f8adece9ce","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://github.com/openbsd/src/commit/c76fac666ea038753294f2ac94d310f8adece9ce"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1010","reference_id":"CVE-2016-10010","reference_type":"exploit","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt","reference_id":"CVE-2016-10010","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us"},{"reference_url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc","reference_id":"FreeBSD-SA-17:01.openssh.asc","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-17:01.openssh.asc"},{"reference_url":"https://security.netapp.com/advisory/ntap-20171130-0002/","reference_id":"ntap-20171130-0002","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20171130-0002/"},{"reference_url":"http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html","reference_id":"OpenSSH-Local-Privilege-Escalation.html","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"http://packetstormsecurity.com/files/140262/OpenSSH-Local-Privilege-Escalation.html"},{"reference_url":"https://www.openssh.com/txt/release-7.4","reference_id":"release-7.4","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://www.openssh.com/txt/release-7.4"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"ssa-412672.pdf","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_id":"viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:22:39Z/"}],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446179?format=json","purl":"pkg:apk/alpine/openssh@7.4_p1-r0?arch=ppc64le&distroversion=v3.22&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssh@7.4_p1-r0%3Farch=ppc64le&distroversion=v3.22&reponame=main"}],"aliases":["CVE-2016-10010"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gpxr-fhh7-ubcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96985?format=json","vulnerability_id":"VCID-jpff-x78s-nkhw","summary":"authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10011","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03033","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0316","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03186","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03205","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03052","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03044","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037490","reference_id":"1037490","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"http://www.securitytracker.com/id/1037490"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406286","reference_id":"1406286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406286"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/19/2","reference_id":"2","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/19/2"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716","reference_id":"848716","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716"},{"reference_url":"http://www.securityfocus.com/bid/94977","reference_id":"94977","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"http://www.securityfocus.com/bid/94977"},{"reference_url":"https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9","reference_id":"ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://github.com/openbsd/src/commit/ac8147a06ed2e2403fb6b9a0c03e618a9333c0e9"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20171130-0002/","reference_id":"ntap-20171130-0002","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://security.netapp.com/advisory/ntap-20171130-0002/"},{"reference_url":"https://www.openssh.com/txt/release-7.4","reference_id":"release-7.4","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://www.openssh.com/txt/release-7.4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"ssa-412672.pdf","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf","reference_id":"ssa-676336.pdf","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_id":"viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T20:19:02Z/"}],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446179?format=json","purl":"pkg:apk/alpine/openssh@7.4_p1-r0?arch=ppc64le&distroversion=v3.22&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssh@7.4_p1-r0%3Farch=ppc64le&distroversion=v3.22&reponame=main"}],"aliases":["CVE-2016-10011"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpff-x78s-nkhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96986?format=json","vulnerability_id":"VCID-zm3p-3m17-47cy","summary":"The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10012","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06419","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06446","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06475","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06467","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06458","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06411","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1037490","reference_id":"1037490","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"http://www.securitytracker.com/id/1037490"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406293","reference_id":"1406293","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406293"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/19/2","reference_id":"2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/19/2"},{"reference_url":"https://github.com/openbsd/src/commit/3095060f479b86288e31c79ecbc5131a66bcd2f9","reference_id":"3095060f479b86288e31c79ecbc5131a66bcd2f9","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://github.com/openbsd/src/commit/3095060f479b86288e31c79ecbc5131a66bcd2f9"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717","reference_id":"848717","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717"},{"reference_url":"http://www.securityfocus.com/bid/94975","reference_id":"94975","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"http://www.securityfocus.com/bid/94975"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbux03818en_us","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03818en_us"},{"reference_url":"https://support.f5.com/csp/article/K62201745?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"K62201745?utm_source=f5support&amp%3Butm_medium=RSS","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://support.f5.com/csp/article/K62201745?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20171130-0002/","reference_id":"ntap-20171130-0002","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://security.netapp.com/advisory/ntap-20171130-0002/"},{"reference_url":"https://www.openssh.com/txt/release-7.4","reference_id":"release-7.4","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://www.openssh.com/txt/release-7.4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"ssa-412672.pdf","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_id":"viewer.php?l=slackware-security&y=2016&m=slackware-security.647637","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-30T19:00:16Z/"}],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.647637"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/446179?format=json","purl":"pkg:apk/alpine/openssh@7.4_p1-r0?arch=ppc64le&distroversion=v3.22&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssh@7.4_p1-r0%3Farch=ppc64le&distroversion=v3.22&reponame=main"}],"aliases":["CVE-2016-10012"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zm3p-3m17-47cy"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/openssh@7.4_p1-r0%3Farch=ppc64le&distroversion=v3.22&reponame=main"}