{"url":"http://public2.vulnerablecode.io/api/packages/571190?format=json","purl":"pkg:deb/debian/openssh@1:5.5p1-6%2Bsqueeze8","type":"deb","namespace":"debian","name":"openssh","version":"1:5.5p1-6+squeeze8","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:9.2p1-2+deb12u10","latest_non_vulnerable_version":"1:10.3p1-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84974?format=json","vulnerability_id":"VCID-11sf-sq1n-8ybk","summary":"openssh: Denial of service via very long passwords","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6515.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6515.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6515","reference_id":"","reference_type":"","scores":[{"value":"0.75794","scoring_system":"epss","scoring_elements":"0.98932","published_at":"2026-05-14T12:55:00Z"},{"value":"0.75794","scoring_system":"epss","scoring_elements":"0.98924","published_at":"2026-05-05T12:55:00Z"},{"value":"0.75794","scoring_system":"epss","scoring_elements":"0.98925","published_at":"2026-05-07T12:55:00Z"},{"value":"0.75794","scoring_system":"epss","scoring_elements":"0.98926","published_at":"2026-05-09T12:55:00Z"},{"value":"0.75794","scoring_system":"epss","scoring_elements":"0.98928","published_at":"2026-05-11T12:55:00Z"},{"value":"0.75794","scoring_system":"epss","scoring_elements":"0.98929","published_at":"2026-05-12T12:55:00Z"},{"value":"0.81624","scoring_system":"epss","scoring_elements":"0.99188","published_at":"2026-04-18T12:55:00Z"},{"value":"0.81624","scoring_system":"epss","scoring_elements":"0.99184","published_at":"2026-04-07T12:55:00Z"},{"value":"0.81624","scoring_system":"epss","scoring_elements":"0.99185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.81624","scoring_system":"epss","scoring_elements":"0.99186","published_at":"2026-04-16T12:55:00Z"},{"value":"0.82549","scoring_system":"epss","scoring_elements":"0.99235","published_at":"2026-04-21T12:55:00Z"},{"value":"0.82549","scoring_system":"epss","scoring_elements":"0.99238","published_at":"2026-04-26T12:55:00Z"},{"value":"0.82549","scoring_system":"epss","scoring_elements":"0.9924","published_at":"2026-04-29T12:55:00Z"},{"value":"0.85051","scoring_system":"epss","scoring_elements":"0.99345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.85051","scoring_system":"epss","scoring_elements":"0.99347","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6515"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1364935","reference_id":"1364935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1364935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833823","reference_id":"833823","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=833823"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40888.py","reference_id":"CVE-2016-6515","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40888.py"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://usn.ubuntu.com/3061-1/","reference_id":"USN-3061-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3061-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-6515"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11sf-sq1n-8ybk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60627?format=json","vulnerability_id":"VCID-27t6-mvt2-6kcd","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which allows remote attackers to cause Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6210.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6210","reference_id":"","reference_type":"","scores":[{"value":"0.90046","scoring_system":"epss","scoring_elements":"0.99594","published_at":"2026-05-14T12:55:00Z"},{"value":"0.90046","scoring_system":"epss","scoring_elements":"0.99586","published_at":"2026-04-24T12:55:00Z"},{"value":"0.90046","scoring_system":"epss","scoring_elements":"0.99587","published_at":"2026-04-26T12:55:00Z"},{"value":"0.90046","scoring_system":"epss","scoring_elements":"0.99588","published_at":"2026-04-29T12:55:00Z"},{"value":"0.90046","scoring_system":"epss","scoring_elements":"0.9959","published_at":"2026-05-05T12:55:00Z"},{"value":"0.90046","scoring_system":"epss","scoring_elements":"0.99591","published_at":"2026-05-09T12:55:00Z"},{"value":"0.90046","scoring_system":"epss","scoring_elements":"0.99593","published_at":"2026-05-12T12:55:00Z"},{"value":"0.92487","scoring_system":"epss","scoring_elements":"0.99736","published_at":"2026-04-18T12:55:00Z"},{"value":"0.92487","scoring_system":"epss","scoring_elements":"0.99731","published_at":"2026-04-02T12:55:00Z"},{"value":"0.92487","scoring_system":"epss","scoring_elements":"0.99735","published_at":"2026-04-16T12:55:00Z"},{"value":"0.92487","scoring_system":"epss","scoring_elements":"0.99737","published_at":"2026-04-21T12:55:00Z"},{"value":"0.92487","scoring_system":"epss","scoring_elements":"0.99733","published_at":"2026-04-04T12:55:00Z"},{"value":"0.92487","scoring_system":"epss","scoring_elements":"0.99734","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6210"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6210","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6210"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357442","reference_id":"1357442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357442"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831902","reference_id":"831902","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831902"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Jul/51","reference_id":"CVE-2016-6210","reference_type":"exploit","scores":[],"url":"http://seclists.org/fulldisclosure/2016/Jul/51"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40113.txt","reference_id":"CVE-2016-6210","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40113.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40136.py","reference_id":"CVE-2016-6210","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40136.py"},{"reference_url":"https://security.gentoo.org/glsa/201612-18","reference_id":"GLSA-201612-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2563","reference_id":"RHSA-2017:2563","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2563"},{"reference_url":"https://usn.ubuntu.com/3061-1/","reference_id":"USN-3061-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3061-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035850?format=json","purl":"pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.7p1-5%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-6210"],"risk_score":9.6,"exploitability":"2.0","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27t6-mvt2-6kcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42226?format=json","vulnerability_id":"VCID-3mzh-y1ek-cqh9","summary":"Multiple vulnerabilities have been discovered in OpenSSH, the worst of which could lead to code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-51385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51385","reference_id":"","reference_type":"","scores":[{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94905","published_at":"2026-04-12T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94929","published_at":"2026-05-05T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94922","published_at":"2026-04-26T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94923","published_at":"2026-04-24T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94921","published_at":"2026-04-29T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94918","published_at":"2026-04-18T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94907","published_at":"2026-04-13T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94883","published_at":"2026-04-04T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94885","published_at":"2026-04-07T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94894","published_at":"2026-04-08T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94898","published_at":"2026-04-09T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94903","published_at":"2026-04-11T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.9488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.9495","published_at":"2026-05-11T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94945","published_at":"2026-05-09T12:55:00Z"},{"value":"0.16522","scoring_system":"epss","scoring_elements":"0.94935","published_at":"2026-05-07T12:55:00Z"},{"value":"0.17234","scoring_system":"epss","scoring_elements":"0.9509","published_at":"2026-05-14T12:55:00Z"},{"value":"0.17234","scoring_system":"epss","scoring_elements":"0.95078","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51385"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255271","reference_id":"2255271","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2255271"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/26/4","reference_id":"4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/26/4"},{"reference_url":"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a","reference_id":"7ef3787c84b6b524501211b11a26c742f829af1a","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/"}],"url":"https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240105-0005/","reference_id":"ntap-20240105-0005","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240105-0005/"},{"reference_url":"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html","reference_id":"openssh-proxycommand-libssh-rce.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-08-15T14:20:00Z/"}],"url":"https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0429","reference_id":"RHSA-2024:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0455","reference_id":"RHSA-2024:0455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0594","reference_id":"RHSA-2024:0594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0606","reference_id":"RHSA-2024:0606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1130","reference_id":"RHSA-2024:1130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1790","reference_id":"RHSA-2026:1790","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1790"},{"reference_url":"https://usn.ubuntu.com/6560-2/","reference_id":"USN-6560-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-2/"},{"reference_url":"https://usn.ubuntu.com/6560-3/","reference_id":"USN-6560-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-3/"},{"reference_url":"https://usn.ubuntu.com/6565-1/","reference_id":"USN-6565-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6565-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050195?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3"}],"aliases":["CVE-2023-51385"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mzh-y1ek-cqh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34555?format=json","vulnerability_id":"VCID-45wb-44rx-1bhw","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0814.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0814","reference_id":"","reference_type":"","scores":[{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49528","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49558","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49586","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49538","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49593","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49587","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49604","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49575","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49577","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49624","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49622","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49592","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49583","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49594","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49553","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49469","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49506","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00262","scoring_system":"epss","scoring_elements":"0.49534","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0814"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445","reference_id":"657445","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=785292","reference_id":"785292","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=785292"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"}],"aliases":["CVE-2012-0814"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45wb-44rx-1bhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84679?format=json","vulnerability_id":"VCID-4fj8-vfgx-pyh9","summary":"openssh: privilege escalation via Unix domain socket forwarding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10010.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10010","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25408","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.2548","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25438","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25429","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25381","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25265","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25333","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25395","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25315","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25332","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25754","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25869","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25826","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25849","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25923","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25864","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25958","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25968","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25836","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10010"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:C/I:C/A:C"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406278","reference_id":"1406278","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406278"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848715","reference_id":"848715","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848715"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1010","reference_id":"CVE-2016-10010","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1010"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt","reference_id":"CVE-2016-10010","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/40962.txt"},{"reference_url":"https://usn.ubuntu.com/3538-1/","reference_id":"USN-3538-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3538-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-10010"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4fj8-vfgx-pyh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86508?format=json","vulnerability_id":"VCID-81na-a8p9-3fc3","summary":"openssh: post-auth memory corruption when using AES-GCM cipher","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4548.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4548.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4548","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53709","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53729","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53756","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53782","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53778","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53827","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.5381","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53795","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53832","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53836","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53816","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53783","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53711","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53774","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53799","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53871","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4548"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4548"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1028418","reference_id":"1028418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1028418"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729029","reference_id":"729029","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729029"},{"reference_url":"https://usn.ubuntu.com/2014-1/","reference_id":"USN-2014-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2014-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035848?format=json","purl":"pkg:deb/debian/openssh@1:6.6p1-4~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.6p1-4~bpo70%252B1"}],"aliases":["CVE-2013-4548"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81na-a8p9-3fc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81244?format=json","vulnerability_id":"VCID-87uy-3q5r-r3b7","summary":"openssh: scp can send duplicate responses to the server upon a utimes system call failure leading to overwrite of arbitrary files","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12062.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12062","reference_id":"","reference_type":"","scores":[{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74452","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74456","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74483","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74457","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74489","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74505","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74527","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74508","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.745","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74537","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74545","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74572","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74579","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74581","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74611","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74637","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74605","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74624","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.7468","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12062"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12062"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854145","reference_id":"1854145","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1854145"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050195?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3"}],"aliases":["CVE-2020-12062"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87uy-3q5r-r3b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90988?format=json","vulnerability_id":"VCID-a7kr-mfau-bufd","summary":"regression update","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037924?format=json","purl":"pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-zncv-645p-f3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2"}],"aliases":["DSA-4539-2 openssh"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7kr-mfau-bufd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62403?format=json","vulnerability_id":"VCID-aaue-a343-u7f5","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could lead to arbitrary code execution, or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6563.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6563.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6563","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22505","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22497","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22496","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22393","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22478","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22556","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22521","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22537","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22615","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.2761","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27473","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.2765","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27687","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.2748","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27548","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.2759","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27595","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27551","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27501","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6563"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252844","reference_id":"1252844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252844"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711","reference_id":"795711","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711"},{"reference_url":"https://security.gentoo.org/glsa/201512-04","reference_id":"GLSA-201512-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2088","reference_id":"RHSA-2015:2088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0741","reference_id":"RHSA-2016:0741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0741"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2015-6563"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aaue-a343-u7f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64289?format=json","vulnerability_id":"VCID-ajmg-5kgx-k7h5","summary":"openssh: OpenSSH GSSAPI: Information disclosure or denial of service due to uninitialized variables","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3497.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3497.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3497","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09146","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09198","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09232","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09203","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09123","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09235","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10415","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10124","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10272","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1034","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10317","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10356","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10288","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10161","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10136","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10248","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10235","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10179","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-3497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3497"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130595","reference_id":"1130595","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130595"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447085","reference_id":"2447085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447085"},{"reference_url":"https://www.openwall.com/lists/oss-security/2026/03/12/3","reference_id":"3","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-12T19:04:05Z/"}],"url":"https://www.openwall.com/lists/oss-security/2026/03/12/3"},{"reference_url":"https://ubuntu.com/security/CVE-2026-3497","reference_id":"CVE-2026-3497","reference_type":"","scores":[{"value":"2.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-12T19:04:05Z/"}],"url":"https://ubuntu.com/security/CVE-2026-3497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10714","reference_id":"RHSA-2026:10714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12071","reference_id":"RHSA-2026:12071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13750","reference_id":"RHSA-2026:13750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13812","reference_id":"RHSA-2026:13812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14773","reference_id":"RHSA-2026:14773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14924","reference_id":"RHSA-2026:14924","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14924"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15087","reference_id":"RHSA-2026:15087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15891","reference_id":"RHSA-2026:15891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15891"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15893","reference_id":"RHSA-2026:15893","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15893"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16008","reference_id":"RHSA-2026:16008","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16009","reference_id":"RHSA-2026:16009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16030","reference_id":"RHSA-2026:16030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16174","reference_id":"RHSA-2026:16174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5475","reference_id":"RHSA-2026:5475","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5475"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6461","reference_id":"RHSA-2026:6461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6462","reference_id":"RHSA-2026:6462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6463","reference_id":"RHSA-2026:6463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7107","reference_id":"RHSA-2026:7107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9415","reference_id":"RHSA-2026:9415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9732","reference_id":"RHSA-2026:9732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9732"},{"reference_url":"https://usn.ubuntu.com/8090-1/","reference_id":"USN-8090-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8090-1/"},{"reference_url":"https://usn.ubuntu.com/8090-2/","reference_id":"USN-8090-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8090-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1055828?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7"},{"url":"http://public2.vulnerablecode.io/api/packages/1055829?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u8"},{"url":"http://public2.vulnerablecode.io/api/packages/1068120?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1089556?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u10"},{"url":"http://public2.vulnerablecode.io/api/packages/1068121?format=json","purl":"pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1089557?format=json","purl":"pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u3"},{"url":"http://public2.vulnerablecode.io/api/packages/1112484?format=json","purl":"pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1055831?format=json","purl":"pkg:deb/debian/openssh@1:10.2p1-2~bpo13%2B1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-2~bpo13%252B1"}],"aliases":["CVE-2026-3497"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajmg-5kgx-k7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85374?format=json","vulnerability_id":"VCID-bdnh-bkx5-h3fe","summary":"openssh: out-of-bounds read in packet handling code","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json"},{"reference_url":"https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0","reference_id":"","reference_type":"","scores":[],"url":"https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1907","reference_id":"","reference_type":"","scores":[{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64681","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64733","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64761","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64786","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64791","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64764","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64802","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64812","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68492","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68574","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68525","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68518","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68411","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68459","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68464","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68469","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68448","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68489","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1907"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa109","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa109"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"},{"reference_url":"http://www.openssh.com/txt/release-7.1p2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssh.com/txt/release-7.1p2"},{"reference_url":"http://www.securityfocus.com/bid/81293","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81293"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298746","reference_id":"1298746","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298746"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1907","reference_id":"CVE-2016-1907","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1907"},{"reference_url":"https://usn.ubuntu.com/2966-1/","reference_id":"USN-2966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-1907"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdnh-bkx5-h3fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83710?format=json","vulnerability_id":"VCID-c72q-f2cy-eqgc","summary":"openssh: Out of sequence NEWKEYS message can allow remote attacker to cause denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10708.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10708.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10708","reference_id":"","reference_type":"","scores":[{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86827","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86835","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86848","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86844","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86857","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86861","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86884","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86885","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.8684","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86794","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86813","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86807","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86907","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86926","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86944","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.8694","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86953","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0312","scoring_system":"epss","scoring_elements":"0.86981","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10708"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102780","reference_id":"102780","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"http://www.securityfocus.com/bid/102780"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537929","reference_id":"1537929","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537929"},{"reference_url":"http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html","reference_id":"fuzzing-tcp-servers.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html"},{"reference_url":"https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737","reference_id":"?id=28652bca29046f62c7045e933e6b931de1d16737","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737"},{"reference_url":"https://support.f5.com/csp/article/K32485746?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"K32485746?utm_source=f5support&amp%3Butm_medium=RSS","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"https://support.f5.com/csp/article/K32485746?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00031.html","reference_id":"msg00031.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00031.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180423-0003/","reference_id":"ntap-20180423-0003","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180423-0003/"},{"reference_url":"https://www.openssh.com/releasenotes.html","reference_id":"releasenotes.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"https://www.openssh.com/releasenotes.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf","reference_id":"ssa-676336.pdf","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf"},{"reference_url":"https://usn.ubuntu.com/3809-1/","reference_id":"USN-3809-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-28T15:50:42Z/"}],"url":"https://usn.ubuntu.com/3809-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-10708"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c72q-f2cy-eqgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61832?format=json","vulnerability_id":"VCID-e3hw-afkw-f7bt","summary":"Multiple vulnerabilities have been found in OpenSSH, allowing\n    attackers to leak client memory to a server, including private keys.","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html"},{"reference_url":"http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0778","reference_id":"","reference_type":"","scores":[{"value":"0.00914","scoring_system":"epss","scoring_elements":"0.76073","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77994","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77987","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78027","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78093","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.7805","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78077","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78102","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78083","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.7804","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83826","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83757","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83781","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83797","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83792","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02099","scoring_system":"epss","scoring_elements":"0.83985","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02099","scoring_system":"epss","scoring_elements":"0.83999","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0778"},{"reference_url":"https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/"},{"reference_url":"https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa109","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa109"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Jan/44","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2016/Jan/44"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"http://www.debian.org/security/2016/dsa-3446","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3446"},{"reference_url":"http://www.openssh.com/txt/release-7.1p2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssh.com/txt/release-7.1p2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/14/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/14/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/archive/1/537295/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/537295/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/80698","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/80698"},{"reference_url":"http://www.securitytracker.com/id/1034671","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034671"},{"reference_url":"http://www.ubuntu.com/usn/USN-2869-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2869-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298033","reference_id":"1298033","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298033"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0778","reference_id":"CVE-2016-0778","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0778"},{"reference_url":"https://security.gentoo.org/glsa/201601-01","reference_id":"GLSA-201601-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201601-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0043","reference_id":"RHSA-2016:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0043"},{"reference_url":"https://usn.ubuntu.com/2869-1/","reference_id":"USN-2869-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2869-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1035850?format=json","purl":"pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.7p1-5%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-0778"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3hw-afkw-f7bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80019?format=json","vulnerability_id":"VCID-fczw-59xy-83c6","summary":"openssh: privilege escalation when AuthorizedKeysCommand or AuthorizedPrincipalsCommand are configured","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-41617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41617","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50737","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50847","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50738","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5077","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50794","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50819","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50777","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50833","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50832","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50874","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50851","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50835","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5088","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50859","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50808","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50817","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50776","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.507","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50753","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50784","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-41617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2008291","reference_id":"2008291","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2008291"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130","reference_id":"995130","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=995130"},{"reference_url":"https://security.archlinux.org/AVG-2422","reference_id":"AVG-2422","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4782","reference_id":"RHSA-2021:4782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:2013","reference_id":"RHSA-2022:2013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:2013"},{"reference_url":"https://usn.ubuntu.com/5666-1/","reference_id":"USN-5666-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5666-1/"},{"reference_url":"https://usn.ubuntu.com/6565-1/","reference_id":"USN-6565-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6565-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050195?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3"}],"aliases":["CVE-2021-41617"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fczw-59xy-83c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60624?format=json","vulnerability_id":"VCID-g5qe-8p8p-3kd6","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which allows remote attackers to cause Denial of Service.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2588.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2588.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0641.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2017-0641.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8325.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8325.json"},{"reference_url":"https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755","reference_id":"","reference_type":"","scores":[],"url":"https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8325","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25398","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25431","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25423","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25375","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25257","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25324","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25386","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25306","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25323","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.2933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29352","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29326","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29386","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29428","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29454","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29502","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29319","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8325"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8325"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html","reference_id":"","reference_type":"","scores":[],"url":"https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-8325.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180628-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20180628-0001/"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2015-8325","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2015-8325"},{"reference_url":"http://www.debian.org/security/2016/dsa-3550","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3550"},{"reference_url":"http://www.securityfocus.com/bid/86187","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/86187"},{"reference_url":"http://www.securitytracker.com/id/1036487","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036487"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1328012","reference_id":"1328012","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1328012"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:*:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_core:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_core:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_core:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_touch:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_touch:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_touch:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8325","reference_id":"CVE-2015-8325","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8325"},{"reference_url":"https://security.gentoo.org/glsa/201612-18","reference_id":"GLSA-201612-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2588","reference_id":"RHSA-2016:2588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0641","reference_id":"RHSA-2017:0641","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0641"},{"reference_url":"https://usn.ubuntu.com/2966-1/","reference_id":"USN-2966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1035850?format=json","purl":"pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.7p1-5%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2015-8325"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g5qe-8p8p-3kd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57307?format=json","vulnerability_id":"VCID-g8g3-ts9j-8uab","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could allow a remote attacker to gain unauthorized access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6109.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6109.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6109","reference_id":"","reference_type":"","scores":[{"value":"0.07414","scoring_system":"epss","scoring_elements":"0.91703","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.9303","published_at":"2026-05-14T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.93","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.93007","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92924","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92928","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92927","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92935","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92939","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92944","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92942","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92953","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92956","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92963","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92966","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92967","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92964","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.9297","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92986","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09738","scoring_system":"epss","scoring_elements":"0.92997","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666119","reference_id":"1666119","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666119"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793412","reference_id":"793412","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793412"},{"reference_url":"https://security.archlinux.org/ASA-201904-11","reference_id":"ASA-201904-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-11"},{"reference_url":"https://security.archlinux.org/AVG-951","reference_id":"AVG-951","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-951"},{"reference_url":"https://security.gentoo.org/glsa/201903-16","reference_id":"GLSA-201903-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3702","reference_id":"RHSA-2019:3702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3702"},{"reference_url":"https://usn.ubuntu.com/3885-1/","reference_id":"USN-3885-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3885-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"},{"url":"http://public2.vulnerablecode.io/api/packages/1037924?format=json","purl":"pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-zncv-645p-f3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2"}],"aliases":["CVE-2019-6109"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8g3-ts9j-8uab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39451?format=json","vulnerability_id":"VCID-ge2m-my5w-z3eb","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could allow a remote attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-28041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28041","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.46999","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47047","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.46946","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.46978","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47036","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47054","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47002","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47057","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47053","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47077","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47051","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47058","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47114","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47109","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47044","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47004","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.4692","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.46984","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-28041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28041"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935055","reference_id":"1935055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935055"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940","reference_id":"984940","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984940"},{"reference_url":"https://security.archlinux.org/ASA-202103-6","reference_id":"ASA-202103-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202103-6"},{"reference_url":"https://security.archlinux.org/AVG-1657","reference_id":"AVG-1657","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1657"},{"reference_url":"https://security.gentoo.org/glsa/202105-35","reference_id":"GLSA-202105-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-35"},{"reference_url":"https://usn.ubuntu.com/4762-1/","reference_id":"USN-4762-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4762-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050195?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3"}],"aliases":["CVE-2021-28041"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2m-my5w-z3eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34554?format=json","vulnerability_id":"VCID-gns3-z8js-4fef","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5000.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5000","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52232","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52256","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52337","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59386","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59437","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.5945","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59469","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59453","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59466","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59322","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59456","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59429","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59394","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59442","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.595","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59473","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59396","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.5942","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=809938","reference_id":"809938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=809938"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0884","reference_id":"RHSA-2012:0884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0884"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"}],"aliases":["CVE-2011-5000"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gns3-z8js-4fef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57310?format=json","vulnerability_id":"VCID-gzmm-8kvw-6qbv","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could allow a remote attacker to gain unauthorized access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6111","reference_id":"","reference_type":"","scores":[{"value":"0.53643","scoring_system":"epss","scoring_elements":"0.98015","published_at":"2026-05-14T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98044","published_at":"2026-05-09T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.9804","published_at":"2026-05-07T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98042","published_at":"2026-05-05T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98007","published_at":"2026-04-01T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98012","published_at":"2026-04-02T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98045","published_at":"2026-05-12T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98043","published_at":"2026-05-11T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98032","published_at":"2026-04-18T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98026","published_at":"2026-04-13T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98025","published_at":"2026-04-12T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98021","published_at":"2026-04-09T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.9802","published_at":"2026-04-08T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98016","published_at":"2026-04-07T12:55:00Z"},{"value":"0.54405","scoring_system":"epss","scoring_elements":"0.98014","published_at":"2026-04-04T12:55:00Z"},{"value":"0.5497","scoring_system":"epss","scoring_elements":"0.98057","published_at":"2026-04-24T12:55:00Z"},{"value":"0.5497","scoring_system":"epss","scoring_elements":"0.98058","published_at":"2026-04-26T12:55:00Z"},{"value":"0.5497","scoring_system":"epss","scoring_elements":"0.98061","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6111"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/04/18/1","reference_id":"1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/04/18/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/08/02/1","reference_id":"1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/08/02/1"},{"reference_url":"http://www.securityfocus.com/bid/106741","reference_id":"106741","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://www.securityfocus.com/bid/106741"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666127","reference_id":"1666127","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1666127"},{"reference_url":"https://www.exploit-db.com/exploits/46193/","reference_id":"46193","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://www.exploit-db.com/exploits/46193/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486","reference_id":"923486","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923486"},{"reference_url":"https://security.archlinux.org/ASA-201904-11","reference_id":"ASA-201904-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-11"},{"reference_url":"https://security.archlinux.org/AVG-951","reference_id":"AVG-951","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-951"},{"reference_url":"https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E","reference_id":"c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E","reference_id":"c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E","reference_id":"d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://www.debian.org/security/2019/dsa-4387","reference_id":"dsa-4387","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://www.debian.org/security/2019/dsa-4387"},{"reference_url":"https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E","reference_id":"e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E"},{"reference_url":"https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc","reference_id":"FreeBSD-EN-19:10.scp.asc","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://www.freebsd.org/security/advisories/FreeBSD-EN-19:10.scp.asc"},{"reference_url":"https://security.gentoo.org/glsa/201903-16","reference_id":"GLSA-201903-16","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://security.gentoo.org/glsa/201903-16"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html","reference_id":"msg00058.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00058.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190213-0001/","reference_id":"ntap-20190213-0001","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190213-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3702","reference_id":"RHSA-2019:3702","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3702"},{"reference_url":"https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c","reference_id":"scp.c","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677794","reference_id":"show_bug.cgi?id=1677794","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677794"},{"reference_url":"https://usn.ubuntu.com/3885-1/","reference_id":"USN-3885-1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://usn.ubuntu.com/3885-1/"},{"reference_url":"https://usn.ubuntu.com/3885-2/","reference_id":"USN-3885-2","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://usn.ubuntu.com/3885-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/","reference_id":"W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T14:34:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"},{"url":"http://public2.vulnerablecode.io/api/packages/1037924?format=json","purl":"pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-zncv-645p-f3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2"}],"aliases":["CVE-2019-6111"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gzmm-8kvw-6qbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47189?format=json","vulnerability_id":"VCID-ha8v-pqwf-r3a1","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of which could allow a remote attacker to gain unauthorized access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26465","reference_id":"","reference_type":"","scores":[{"value":"0.61222","scoring_system":"epss","scoring_elements":"0.98336","published_at":"2026-05-14T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98813","published_at":"2026-04-16T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98814","published_at":"2026-04-18T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98831","published_at":"2026-05-11T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98829","published_at":"2026-05-09T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.9882","published_at":"2026-04-24T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98833","published_at":"2026-05-12T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98804","published_at":"2026-04-09T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98807","published_at":"2026-04-11T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98808","published_at":"2026-04-12T12:55:00Z"},{"value":"0.73605","scoring_system":"epss","scoring_elements":"0.98809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.73977","scoring_system":"epss","scoring_elements":"0.98815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.73977","scoring_system":"epss","scoring_elements":"0.98818","published_at":"2026-04-04T12:55:00Z"},{"value":"0.73977","scoring_system":"epss","scoring_elements":"0.98835","published_at":"2026-04-21T12:55:00Z"},{"value":"0.73977","scoring_system":"epss","scoring_elements":"0.98839","published_at":"2026-04-26T12:55:00Z"},{"value":"0.73977","scoring_system":"epss","scoring_elements":"0.9884","published_at":"2026-04-29T12:55:00Z"},{"value":"0.73977","scoring_system":"epss","scoring_elements":"0.98844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.73977","scoring_system":"epss","scoring_elements":"0.98845","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://seclists.org/oss-sec/2025/q1/144","reference_id":"144","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://seclists.org/oss-sec/2025/q1/144"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344780","reference_id":"2344780","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2344780"},{"reference_url":"https://access.redhat.com/solutions/7109879","reference_id":"7109879","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://access.redhat.com/solutions/7109879"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9","reference_id":"cpe:/a:redhat:discovery:1.14::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:1.14::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4","reference_id":"cpe:/a:redhat:openshift:4","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26465","reference_id":"CVE-2025-26465","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26465"},{"reference_url":"https://security.gentoo.org/glsa/202502-01","reference_id":"GLSA-202502-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202502-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16823","reference_id":"RHSA-2025:16823","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:16823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3837","reference_id":"RHSA-2025:3837","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:6993","reference_id":"RHSA-2025:6993","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:6993"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8385","reference_id":"RHSA-2025:8385","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-19T15:02:09Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:8385"},{"reference_url":"https://usn.ubuntu.com/7270-1/","reference_id":"USN-7270-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7270-1/"},{"reference_url":"https://usn.ubuntu.com/7270-2/","reference_id":"USN-7270-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7270-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1055828?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7"}],"aliases":["CVE-2025-26465"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ha8v-pqwf-r3a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60626?format=json","vulnerability_id":"VCID-hmqc-xunp-myap","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which allows remote attackers to cause Denial of Service.","references":[{"reference_url":"http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c","reference_id":"","reference_type":"","scores":[],"url":"http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c"},{"reference_url":"http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&f=h","reference_id":"","reference_type":"","scores":[],"url":"http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c.diff?r1=1.281&r2=1.282&f=h"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183101.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183101.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183122.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183122.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178838.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178838.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179924.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179924.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180491.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180491.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184264.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184264.html"},{"reference_url":"http://packetstormsecurity.com/files/136234/OpenSSH-7.2p1-xauth-Command-Injection-Bypass.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/136234/OpenSSH-7.2p1-xauth-Command-Injection-Bypass.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0465.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0465.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0466.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0466.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3115.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3115","reference_id":"","reference_type":"","scores":[{"value":"0.40545","scoring_system":"epss","scoring_elements":"0.97403","published_at":"2026-05-14T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97539","published_at":"2026-04-13T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97521","published_at":"2026-04-02T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97523","published_at":"2026-04-04T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97525","published_at":"2026-04-07T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97531","published_at":"2026-04-08T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97532","published_at":"2026-04-09T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97536","published_at":"2026-04-11T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97538","published_at":"2026-04-12T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97514","published_at":"2026-04-01T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97547","published_at":"2026-04-16T12:55:00Z"},{"value":"0.43987","scoring_system":"epss","scoring_elements":"0.97548","published_at":"2026-04-18T12:55:00Z"},{"value":"0.47105","scoring_system":"epss","scoring_elements":"0.97705","published_at":"2026-05-11T12:55:00Z"},{"value":"0.47105","scoring_system":"epss","scoring_elements":"0.97697","published_at":"2026-04-29T12:55:00Z"},{"value":"0.47105","scoring_system":"epss","scoring_elements":"0.97701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.47105","scoring_system":"epss","scoring_elements":"0.97703","published_at":"2026-05-07T12:55:00Z"},{"value":"0.47105","scoring_system":"epss","scoring_elements":"0.9771","published_at":"2026-05-12T12:55:00Z"},{"value":"0.47105","scoring_system":"epss","scoring_elements":"0.97691","published_at":"2026-04-24T12:55:00Z"},{"value":"0.47105","scoring_system":"epss","scoring_elements":"0.97692","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3115"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa121","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Mar/46","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2016/Mar/46"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Mar/47","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2016/Mar/47"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-3115"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"},{"reference_url":"https://www.exploit-db.com/exploits/39569/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/39569/"},{"reference_url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-16:14.openssh.asc","reference_id":"","reference_type":"","scores":[],"url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-16:14.openssh.asc"},{"reference_url":"http://www.openssh.com/txt/x11fwd.adv","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssh.com/txt/x11fwd.adv"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/84314","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84314"},{"reference_url":"http://www.securitytracker.com/id/1035249","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035249"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316829","reference_id":"1316829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316829"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:*:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:vm_server:3.2:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/tintinweb/pub/tree/e8fe09e2123f07f09e3f8e34fc4e3e58fe804fd4/pocs/cve-2016-3115","reference_id":"CVE-2016-3115","reference_type":"exploit","scores":[],"url":"https://github.com/tintinweb/pub/tree/e8fe09e2123f07f09e3f8e34fc4e3e58fe804fd4/pocs/cve-2016-3115"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39569.py","reference_id":"CVE-2016-3115","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/39569.py"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3115","reference_id":"CVE-2016-3115","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:N"},{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-3115"},{"reference_url":"https://security.gentoo.org/glsa/201612-18","reference_id":"GLSA-201612-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0465","reference_id":"RHSA-2016:0465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0466","reference_id":"RHSA-2016:0466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0466"},{"reference_url":"https://usn.ubuntu.com/2966-1/","reference_id":"USN-2966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-3115"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmqc-xunp-myap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70416?format=json","vulnerability_id":"VCID-hse5-y15y-n3dw","summary":"openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32728","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50759","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50797","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50785","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50741","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50794","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50813","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50835","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5082","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50768","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50778","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50732","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50652","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50706","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50737","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53914","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.5401","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.5394","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32728"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig","reference_id":"013_ssh.patch.sig","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/"}],"url":"https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig"},{"reference_url":"https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html","reference_id":"041879.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/"}],"url":"https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603","reference_id":"1102603","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102603"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2358767","reference_id":"2358767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2358767"},{"reference_url":"https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367","reference_id":"fc86875e6acb36401dfc1dfb6b628a9d1460f367","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/"}],"url":"https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367"},{"reference_url":"https://www.openssh.com/txt/release-10.0","reference_id":"release-10.0","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/"}],"url":"https://www.openssh.com/txt/release-10.0"},{"reference_url":"https://www.openssh.com/txt/release-7.4","reference_id":"release-7.4","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T18:35:34Z/"}],"url":"https://www.openssh.com/txt/release-7.4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20126","reference_id":"RHSA-2025:20126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20126"},{"reference_url":"https://usn.ubuntu.com/7457-1/","reference_id":"USN-7457-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7457-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1055828?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7"}],"aliases":["CVE-2025-32728"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hse5-y15y-n3dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20351?format=json","vulnerability_id":"VCID-jzn6-bzzf-nugp","summary":"Improper Validation of Integrity Check Value\nThe SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.","references":[{"reference_url":"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"0.52606","scoring_system":"epss","scoring_elements":"0.97967","published_at":"2026-05-14T12:55:00Z"},{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.98007","published_at":"2026-05-12T12:55:00Z"},{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.98004","published_at":"2026-05-11T12:55:00Z"},{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.98005","published_at":"2026-05-09T12:55:00Z"},{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.98002","published_at":"2026-05-07T12:55:00Z"},{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.97994","published_at":"2026-04-24T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98123","published_at":"2026-04-08T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98119","published_at":"2026-04-07T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98118","published_at":"2026-04-04T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98114","published_at":"2026-04-02T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98136","published_at":"2026-04-18T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98134","published_at":"2026-04-16T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98129","published_at":"2026-04-13T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.58603","scoring_system":"epss","scoring_elements":"0.98219","published_at":"2026-04-26T12:55:00Z"},{"value":"0.58603","scoring_system":"epss","scoring_elements":"0.98218","published_at":"2026-04-29T12:55:00Z"},{"value":"0.61084","scoring_system":"epss","scoring_elements":"0.98316","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48795"},{"reference_url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack"},{"reference_url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"},{"reference_url":"https://bugs.gentoo.org/920280","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugs.gentoo.org/920280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254210","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254210"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1217950","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1217950"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-082556.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-364175.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-364175.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/html/ssa-794697.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://cert-portal.siemens.com/productcert/html/ssa-794697.html"},{"reference_url":"https://crates.io/crates/thrussh/versions","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://crates.io/crates/thrussh/versions"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Mar/21","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Mar/21"},{"reference_url":"https://filezilla-project.org/versions.php","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://filezilla-project.org/versions.php"},{"reference_url":"https://forum.netgate.com/topic/184941/terrapin-ssh-attack","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://forum.netgate.com/topic/184941/terrapin-ssh-attack"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/mina-sshd/issues/445","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/apache/mina-sshd/issues/445"},{"reference_url":"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"},{"reference_url":"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"},{"reference_url":"https://github.com/cyd01/KiTTY/issues/520","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/cyd01/KiTTY/issues/520"},{"reference_url":"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"},{"reference_url":"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"},{"reference_url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.1"},{"reference_url":"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"},{"reference_url":"https://github.com/hierynomus/sshj/issues/916","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/hierynomus/sshj/issues/916"},{"reference_url":"https://github.com/janmojzis/tinyssh/issues/81","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/janmojzis/tinyssh/issues/81"},{"reference_url":"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"},{"reference_url":"https://github.com/libssh2/libssh2/pull/1291","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/libssh2/libssh2/pull/1291"},{"reference_url":"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"},{"reference_url":"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"},{"reference_url":"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"},{"reference_url":"https://github.com/mwiede/jsch/issues/457","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/issues/457"},{"reference_url":"https://github.com/mwiede/jsch/pull/461","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/pull/461"},{"reference_url":"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"},{"reference_url":"https://github.com/NixOS/nixpkgs/pull/275249","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/NixOS/nixpkgs/pull/275249"},{"reference_url":"https://github.com/openssh/openssh-portable/commits/master","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/openssh/openssh-portable/commits/master"},{"reference_url":"https://github.com/paramiko/paramiko/issues/2337","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/paramiko/paramiko/issues/2337"},{"reference_url":"https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773"},{"reference_url":"https://github.com/PowerShell/Win32-OpenSSH/issues/2189","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/PowerShell/Win32-OpenSSH/issues/2189"},{"reference_url":"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"},{"reference_url":"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/issues/456","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/issues/456"},{"reference_url":"https://github.com/rapier1/hpn-ssh/releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/rapier1/hpn-ssh/releases"},{"reference_url":"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"},{"reference_url":"https://github.com/ronf/asyncssh/tags","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ronf/asyncssh/tags"},{"reference_url":"https://github.com/ssh-mitm/ssh-mitm/issues/165","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ssh-mitm/ssh-mitm/issues/165"},{"reference_url":"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"},{"reference_url":"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"},{"reference_url":"https://github.com/warp-tech/russh","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh"},{"reference_url":"https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951"},{"reference_url":"https://github.com/warp-tech/russh/releases/tag/v0.40.2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/warp-tech/russh/releases/tag/v0.40.2"},{"reference_url":"https://gitlab.com/libssh/libssh-mirror/-/tags","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://gitlab.com/libssh/libssh-mirror/-/tags"},{"reference_url":"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"},{"reference_url":"https://go.dev/cl/550715","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/550715"},{"reference_url":"https://go.dev/issue/64784","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/64784"},{"reference_url":"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"},{"reference_url":"https://help.panic.com/releasenotes/transmit5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://help.panic.com/releasenotes/transmit5"},{"reference_url":"https://help.panic.com/releasenotes/transmit5/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://help.panic.com/releasenotes/transmit5/"},{"reference_url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795"},{"reference_url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB"},{"reference_url":"https://matt.ucc.asn.au/dropbear/CHANGES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://matt.ucc.asn.au/dropbear/CHANGES"},{"reference_url":"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"},{"reference_url":"https://news.ycombinator.com/item?id=38684904","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38684904"},{"reference_url":"https://news.ycombinator.com/item?id=38685286","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38685286"},{"reference_url":"https://news.ycombinator.com/item?id=38732005","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38732005"},{"reference_url":"https://nova.app/releases/#v11.8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://nova.app/releases/#v11.8"},{"reference_url":"https://oryx-embedded.com/download/#changelog","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://oryx-embedded.com/download/#changelog"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"},{"reference_url":"https://roumenpetrov.info/secsh/#news20231220","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://roumenpetrov.info/secsh/#news20231220"},{"reference_url":"https://security.gentoo.org/glsa/202312-16","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.gentoo.org/glsa/202312-16"},{"reference_url":"https://security.gentoo.org/glsa/202312-17","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.gentoo.org/glsa/202312-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240105-0004","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240105-0004"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/libssh2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/libssh2"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"},{"reference_url":"https://support.apple.com/kb/HT214084","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://support.apple.com/kb/HT214084"},{"reference_url":"https://twitter.com/TrueSkrillor/status/1736774389725565005","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://twitter.com/TrueSkrillor/status/1736774389725565005"},{"reference_url":"https://winscp.net/eng/docs/history#6.2.2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://winscp.net/eng/docs/history#6.2.2"},{"reference_url":"https://www.bitvise.com/ssh-client-version-history#933","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.bitvise.com/ssh-client-version-history#933"},{"reference_url":"https://www.bitvise.com/ssh-server-version-history","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.bitvise.com/ssh-server-version-history"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"},{"reference_url":"https://www.debian.org/security/2023/dsa-5586","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.debian.org/security/2023/dsa-5586"},{"reference_url":"https://www.debian.org/security/2023/dsa-5588","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.debian.org/security/2023/dsa-5588"},{"reference_url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"},{"reference_url":"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"},{"reference_url":"https://www.netsarang.com/en/xshell-update-history","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.netsarang.com/en/xshell-update-history"},{"reference_url":"https://www.netsarang.com/en/xshell-update-history/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.netsarang.com/en/xshell-update-history/"},{"reference_url":"https://www.openssh.com/openbsd.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openssh.com/openbsd.html"},{"reference_url":"https://www.openssh.com/txt/release-9.6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openssh.com/txt/release-9.6"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/12/18/2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/12/18/2"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/12/20/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/12/20/3"},{"reference_url":"https://www.paramiko.org/changelog.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.paramiko.org/changelog.html"},{"reference_url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed"},{"reference_url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"},{"reference_url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795"},{"reference_url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"},{"reference_url":"https://www.terrapin-attack.com","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.terrapin-attack.com"},{"reference_url":"https://www.theregister.com/2023/12/20/terrapin_attack_ssh","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.theregister.com/2023/12/20/terrapin_attack_ssh"},{"reference_url":"https://www.vandyke.com/products/securecrt/history.txt","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.vandyke.com/products/securecrt/history.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/18/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/18/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/19/5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/19/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/20/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/20/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/06/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/06/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/17/8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/17/8"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001","reference_id":"1059001","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002","reference_id":"1059002","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003","reference_id":"1059003","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004","reference_id":"1059004","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005","reference_id":"1059005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006","reference_id":"1059006","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007","reference_id":"1059007","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058","reference_id":"1059058","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144","reference_id":"1059144","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290","reference_id":"1059290","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294","reference_id":"1059294","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/","reference_id":"33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/","reference_id":"3CAYYW35MUTNO65RVAELICTNZZFMT2XS","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/","reference_id":"3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/","reference_id":"6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/","reference_id":"BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/","reference_id":"C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/","reference_id":"CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"},{"reference_url":"https://access.redhat.com/security/cve/cve-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://access.redhat.com/security/cve/cve-2023-48795"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48795"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-48795"},{"reference_url":"https://ubuntu.com/security/CVE-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://ubuntu.com/security/CVE-2023-48795"},{"reference_url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway","reference_id":"CVE-2023-48795-AND-SFTP-GATEWAY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway"},{"reference_url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway/","reference_id":"CVE-2023-48795-AND-SFTP-GATEWAY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway/"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit","reference_id":"CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability","reference_id":"CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"},{"reference_url":"https://github.com/advisories/GHSA-45x7-px36-x8w8","reference_id":"GHSA-45x7-px36-x8w8","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/advisories/GHSA-45x7-px36-x8w8"},{"reference_url":"https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8","reference_id":"GHSA-45x7-px36-x8w8","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8"},{"reference_url":"https://security.gentoo.org/glsa/202407-11","reference_id":"GLSA-202407-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-11"},{"reference_url":"https://security.gentoo.org/glsa/202407-12","reference_id":"GLSA-202407-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-12"},{"reference_url":"https://security.gentoo.org/glsa/202509-06","reference_id":"GLSA-202509-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-06"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/","reference_id":"HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/","reference_id":"I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/","reference_id":"KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/","reference_id":"L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","reference_id":"LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240105-0004/","reference_id":"ntap-20240105-0004","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240105-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7197","reference_id":"RHSA-2023:7197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7198","reference_id":"RHSA-2023:7198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7201","reference_id":"RHSA-2023:7201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0040","reference_id":"RHSA-2024:0040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0429","reference_id":"RHSA-2024:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0455","reference_id":"RHSA-2024:0455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0499","reference_id":"RHSA-2024:0499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0538","reference_id":"RHSA-2024:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0594","reference_id":"RHSA-2024:0594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0606","reference_id":"RHSA-2024:0606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0625","reference_id":"RHSA-2024:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0628","reference_id":"RHSA-2024:0628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0766","reference_id":"RHSA-2024:0766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0789","reference_id":"RHSA-2024:0789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0843","reference_id":"RHSA-2024:0843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0880","reference_id":"RHSA-2024:0880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0954","reference_id":"RHSA-2024:0954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1130","reference_id":"RHSA-2024:1130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1150","reference_id":"RHSA-2024:1150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1192","reference_id":"RHSA-2024:1192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1193","reference_id":"RHSA-2024:1193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1196","reference_id":"RHSA-2024:1196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1197","reference_id":"RHSA-2024:1197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1210","reference_id":"RHSA-2024:1210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1557","reference_id":"RHSA-2024:1557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1859","reference_id":"RHSA-2024:1859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2728","reference_id":"RHSA-2024:2728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2735","reference_id":"RHSA-2024:2735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2768","reference_id":"RHSA-2024:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2988","reference_id":"RHSA-2024:2988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3479","reference_id":"RHSA-2024:3479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3634","reference_id":"RHSA-2024:3634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3635","reference_id":"RHSA-2024:3635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3636","reference_id":"RHSA-2024:3636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3918","reference_id":"RHSA-2024:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4010","reference_id":"RHSA-2024:4010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4151","reference_id":"RHSA-2024:4151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4329","reference_id":"RHSA-2024:4329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4479","reference_id":"RHSA-2024:4479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4484","reference_id":"RHSA-2024:4484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4597","reference_id":"RHSA-2024:4597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4662","reference_id":"RHSA-2024:4662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4955","reference_id":"RHSA-2024:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4959","reference_id":"RHSA-2024:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5200","reference_id":"RHSA-2024:5200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5432","reference_id":"RHSA-2024:5432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5433","reference_id":"RHSA-2024:5433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5438","reference_id":"RHSA-2024:5438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8235","reference_id":"RHSA-2024:8235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4664","reference_id":"RHSA-2025:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4664"},{"reference_url":"https://usn.ubuntu.com/6560-1/","reference_id":"USN-6560-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-1/"},{"reference_url":"https://usn.ubuntu.com/6560-2/","reference_id":"USN-6560-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-2/"},{"reference_url":"https://usn.ubuntu.com/6561-1/","reference_id":"USN-6561-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6561-1/"},{"reference_url":"https://usn.ubuntu.com/6585-1/","reference_id":"USN-6585-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6585-1/"},{"reference_url":"https://usn.ubuntu.com/6589-1/","reference_id":"USN-6589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6589-1/"},{"reference_url":"https://usn.ubuntu.com/6598-1/","reference_id":"USN-6598-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6598-1/"},{"reference_url":"https://usn.ubuntu.com/6738-1/","reference_id":"USN-6738-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6738-1/"},{"reference_url":"https://usn.ubuntu.com/7051-1/","reference_id":"USN-7051-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7051-1/"},{"reference_url":"https://usn.ubuntu.com/7292-1/","reference_id":"USN-7292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7292-1/"},{"reference_url":"https://usn.ubuntu.com/7297-1/","reference_id":"USN-7297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050195?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3"}],"aliases":["CVE-2023-48795","GHSA-45x7-px36-x8w8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jzn6-bzzf-nugp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34553?format=json","vulnerability_id":"VCID-k8ae-fc4a-gycy","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=144050155601375&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-1591.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-1591.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5107","reference_id":"","reference_type":"","scores":[{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83428","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83169","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83185","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83199","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83198","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83223","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.8323","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83245","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.8324","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83235","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83271","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83273","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83274","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83297","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83312","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83336","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83357","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83377","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83379","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83394","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-5107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19515"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19595"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156"},{"reference_url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89","reference_id":"","reference_type":"","scores":[],"url":"http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/07/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2013/02/07/3"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/bid/58162","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/58162"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700102","reference_id":"700102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=908707","reference_id":"908707","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=908707"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8p2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.8p2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8p2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-5107","reference_id":"CVE-2010-5107","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-5107"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1527","reference_id":"RHSA-2013:1527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1591","reference_id":"RHSA-2013:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1591"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"}],"aliases":["CVE-2010-5107"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8ae-fc4a-gycy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62401?format=json","vulnerability_id":"VCID-kbba-6c9u-tygk","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could lead to arbitrary code execution, or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5352.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5352","reference_id":"","reference_type":"","scores":[{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90079","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90081","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90093","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90097","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90113","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90119","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90128","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90127","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90121","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90138","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90135","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90151","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.9015","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90149","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90159","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90175","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90186","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90181","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90189","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0539","scoring_system":"epss","scoring_elements":"0.90203","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1238231","reference_id":"1238231","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1238231"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790798","reference_id":"790798","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790798"},{"reference_url":"https://security.gentoo.org/glsa/201512-04","reference_id":"GLSA-201512-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0741","reference_id":"RHSA-2016:0741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0741"},{"reference_url":"https://usn.ubuntu.com/2710-1/","reference_id":"USN-2710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2015-5352"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbba-6c9u-tygk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57602?format=json","vulnerability_id":"VCID-mpex-kz3k-97aq","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2653.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2653","reference_id":"","reference_type":"","scores":[{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86462","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86328","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86348","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86358","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86355","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86375","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86395","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86415","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86412","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0289","scoring_system":"epss","scoring_elements":"0.86425","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.8819","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88198","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88214","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88219","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88239","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88245","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88256","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88249","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88263","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03883","scoring_system":"epss","scoring_elements":"0.88261","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1081338","reference_id":"1081338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1081338"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513","reference_id":"742513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1552","reference_id":"RHSA-2014:1552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0425","reference_id":"RHSA-2015:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0425"},{"reference_url":"https://usn.ubuntu.com/2164-1/","reference_id":"USN-2164-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2164-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1035848?format=json","purl":"pkg:deb/debian/openssh@1:6.6p1-4~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.6p1-4~bpo70%252B1"}],"aliases":["CVE-2014-2653"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mpex-kz3k-97aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60625?format=json","vulnerability_id":"VCID-myec-kc76-9bc1","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which allows remote attackers to cause Denial of Service.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2016/01/15/13","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2016/01/15/13"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0465.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0465.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0741.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0741.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1908.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1908.json"},{"reference_url":"https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c","reference_id":"","reference_type":"","scores":[],"url":"https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1908","reference_id":"","reference_type":"","scores":[{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8428","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84408","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84413","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84433","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84459","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84475","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84292","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84314","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84335","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84341","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84359","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84351","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84347","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84369","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8437","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84373","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02368","scoring_system":"epss","scoring_elements":"0.85075","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02368","scoring_system":"epss","scoring_elements":"0.85108","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02368","scoring_system":"epss","scoring_elements":"0.8506","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1908"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1908"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html"},{"reference_url":"http://www.openssh.com/txt/release-7.2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssh.com/txt/release-7.2"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/84427","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84427"},{"reference_url":"http://www.securitytracker.com/id/1034705","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034705"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298741","reference_id":"1298741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298741"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1908","reference_id":"CVE-2016-1908","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1908"},{"reference_url":"https://security.gentoo.org/glsa/201612-18","reference_id":"GLSA-201612-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0465","reference_id":"RHSA-2016:0465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0741","reference_id":"RHSA-2016:0741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0741"},{"reference_url":"https://usn.ubuntu.com/2966-1/","reference_id":"USN-2966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-1908"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myec-kc76-9bc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84680?format=json","vulnerability_id":"VCID-qt1x-kyuf-gker","summary":"openssh: Leak of host private key material to privilege-separated child process via realloc()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10011","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03825","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03715","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0372","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03722","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03769","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03732","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03752","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03784","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03789","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03946","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03899","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03879","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03889","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03978","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03929","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03937","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03948","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03954","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:S/C:P/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406286","reference_id":"1406286","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406286"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716","reference_id":"848716","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848716"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://usn.ubuntu.com/3538-1/","reference_id":"USN-3538-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3538-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-10011"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qt1x-kyuf-gker"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34556?format=json","vulnerability_id":"VCID-qx5k-n11s-rucg","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2532.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2532","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41871","published_at":"2026-05-14T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42059","published_at":"2026-04-01T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42119","published_at":"2026-04-02T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42148","published_at":"2026-04-04T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42084","published_at":"2026-04-07T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42147","published_at":"2026-04-09T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42169","published_at":"2026-04-11T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42132","published_at":"2026-04-12T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42108","published_at":"2026-04-13T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42159","published_at":"2026-04-16T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42133","published_at":"2026-04-18T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42063","published_at":"2026-04-21T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42005","published_at":"2026-04-24T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42","published_at":"2026-04-26T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41774","published_at":"2026-05-05T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41841","published_at":"2026-05-07T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41859","published_at":"2026-05-09T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41771","published_at":"2026-05-11T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41796","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2653"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077843","reference_id":"1077843","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1077843"},{"reference_url":"https://security.gentoo.org/glsa/201405-06","reference_id":"GLSA-201405-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1552","reference_id":"RHSA-2014:1552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1552"},{"reference_url":"https://usn.ubuntu.com/2155-1/","reference_id":"USN-2155-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2155-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1035848?format=json","purl":"pkg:deb/debian/openssh@1:6.6p1-4~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.6p1-4~bpo70%252B1"}],"aliases":["CVE-2014-2532"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qx5k-n11s-rucg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62402?format=json","vulnerability_id":"VCID-t1sg-4bvj-qqfk","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could lead to arbitrary code execution, or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5600.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5600","reference_id":"","reference_type":"","scores":[{"value":"0.70907","scoring_system":"epss","scoring_elements":"0.9869","published_at":"2026-04-01T12:55:00Z"},{"value":"0.70907","scoring_system":"epss","scoring_elements":"0.98691","published_at":"2026-04-02T12:55:00Z"},{"value":"0.70907","scoring_system":"epss","scoring_elements":"0.98694","published_at":"2026-04-04T12:55:00Z"},{"value":"0.70907","scoring_system":"epss","scoring_elements":"0.98697","published_at":"2026-04-07T12:55:00Z"},{"value":"0.70907","scoring_system":"epss","scoring_elements":"0.98698","published_at":"2026-04-08T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98803","published_at":"2026-04-09T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98806","published_at":"2026-04-11T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98807","published_at":"2026-04-12T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98812","published_at":"2026-04-16T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98813","published_at":"2026-04-18T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98816","published_at":"2026-04-21T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98819","published_at":"2026-04-24T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.9882","published_at":"2026-04-26T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98821","published_at":"2026-04-29T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98825","published_at":"2026-05-07T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98829","published_at":"2026-05-09T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.9883","published_at":"2026-05-11T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98832","published_at":"2026-05-12T12:55:00Z"},{"value":"0.73594","scoring_system":"epss","scoring_elements":"0.98835","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5600"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1245969","reference_id":"1245969","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1245969"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793616","reference_id":"793616","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793616"},{"reference_url":"https://security.gentoo.org/glsa/201512-04","reference_id":"GLSA-201512-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2088","reference_id":"RHSA-2015:2088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0466","reference_id":"RHSA-2016:0466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0466"},{"reference_url":"https://usn.ubuntu.com/2710-1/","reference_id":"USN-2710-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2710-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2015-5600"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1sg-4bvj-qqfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84681?format=json","vulnerability_id":"VCID-u21t-acnr-dub2","summary":"openssh: Bounds check can be evaded in the shared memory manager used by pre-authentication compression support","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10012","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06116","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05944","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06035","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06093","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06108","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0611","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05702","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05742","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05768","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05746","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05738","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05689","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05699","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0585","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05882","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05918","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05928","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05904","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05837","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406293","reference_id":"1406293","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406293"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717","reference_id":"848717","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848717"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://usn.ubuntu.com/3538-1/","reference_id":"USN-3538-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3538-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-10012"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u21t-acnr-dub2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44840?format=json","vulnerability_id":"VCID-ubjj-qb2c-n3d4","summary":"An integer overflow in OpenSSH might allow an attacker to execute\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16905","reference_id":"","reference_type":"","scores":[{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5048","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50537","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50564","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50518","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50573","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50569","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50612","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50588","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50574","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5062","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50548","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50556","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.5051","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50429","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50482","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50513","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50466","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00271","scoring_system":"epss","scoring_elements":"0.50497","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1767966","reference_id":"1767966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1767966"},{"reference_url":"https://security.gentoo.org/glsa/201911-01","reference_id":"GLSA-201911-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201911-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050195?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3"}],"aliases":["CVE-2019-16905"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubjj-qb2c-n3d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84678?format=json","vulnerability_id":"VCID-v1vq-wecd-1ud9","summary":"openssh: loading of untrusted PKCS#11 modules in ssh-agent","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10009.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10009","reference_id":"","reference_type":"","scores":[{"value":"0.01168","scoring_system":"epss","scoring_elements":"0.78834","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.815","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81704","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81721","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81511","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81533","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81531","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81559","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81564","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81584","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81572","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81565","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81602","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81604","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81608","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.8163","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81638","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81643","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81659","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81681","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01579","scoring_system":"epss","scoring_elements":"0.81705","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406269","reference_id":"1406269","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1406269"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714","reference_id":"848714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848714"},{"reference_url":"https://security.archlinux.org/ASA-201612-20","reference_id":"ASA-201612-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201612-20"},{"reference_url":"https://security.archlinux.org/AVG-110","reference_id":"AVG-110","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-110"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1009","reference_id":"CVE-2016-10009","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1009"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt","reference_id":"CVE-2016-10009","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/40963.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2029","reference_id":"RHSA-2017:2029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2029"},{"reference_url":"https://usn.ubuntu.com/3538-1/","reference_id":"USN-3538-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3538-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-10009"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1vq-wecd-1ud9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41455?format=json","vulnerability_id":"VCID-v27n-4vt2-rffw","summary":"A flaw has been discovered in OpenSSH which could allow a remote\n    attacker to create zero-length files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15906.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15906","reference_id":"","reference_type":"","scores":[{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.8571","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85937","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85723","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85741","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85747","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85766","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85891","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85889","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02659","scoring_system":"epss","scoring_elements":"0.85902","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86956","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.8695","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86965","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86969","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86967","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86985","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86991","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86947","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86961","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.86993","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.87013","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03174","scoring_system":"epss","scoring_elements":"0.8703","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15906"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1506630","reference_id":"1506630","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1506630"},{"reference_url":"https://security.gentoo.org/glsa/201801-05","reference_id":"GLSA-201801-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0980","reference_id":"RHSA-2018:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0980"},{"reference_url":"https://usn.ubuntu.com/3538-1/","reference_id":"USN-3538-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3538-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037924?format=json","purl":"pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-zncv-645p-f3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2"}],"aliases":["CVE-2017-15906"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v27n-4vt2-rffw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60628?format=json","vulnerability_id":"VCID-vj3u-a1c3-6qe5","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which allows remote attackers to cause Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8858.json","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8858.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8858","reference_id":"","reference_type":"","scores":[{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96411","published_at":"2026-05-14T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96371","published_at":"2026-04-21T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96372","published_at":"2026-04-24T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96373","published_at":"2026-04-26T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96374","published_at":"2026-04-29T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96384","published_at":"2026-05-05T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96388","published_at":"2026-05-07T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96394","published_at":"2026-05-09T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96396","published_at":"2026-05-11T12:55:00Z"},{"value":"0.26866","scoring_system":"epss","scoring_elements":"0.96401","published_at":"2026-05-12T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96389","published_at":"2026-04-16T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96347","published_at":"2026-04-01T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96393","published_at":"2026-04-18T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96355","published_at":"2026-04-02T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96363","published_at":"2026-04-07T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96375","published_at":"2026-04-09T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96379","published_at":"2026-04-12T12:55:00Z"},{"value":"0.27135","scoring_system":"epss","scoring_elements":"0.96382","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8858"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1384860","reference_id":"1384860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1384860"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841884","reference_id":"841884","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841884"},{"reference_url":"https://security.gentoo.org/glsa/201612-18","reference_id":"GLSA-201612-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-8858"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vj3u-a1c3-6qe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47326?format=json","vulnerability_id":"VCID-vrgz-eguk-k3dy","summary":"Multiple vulnerabilities have been found in Dropbear, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20685.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20685.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20685","reference_id":"","reference_type":"","scores":[{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.8747","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87336","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87456","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87462","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87444","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87431","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87417","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87416","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87327","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87352","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87504","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.8741","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87393","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87399","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87396","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87381","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87385","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.8739","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03377","scoring_system":"epss","scoring_elements":"0.87378","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/106531","reference_id":"106531","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"http://www.securityfocus.com/bid/106531"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665785","reference_id":"1665785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665785"},{"reference_url":"https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2","reference_id":"6010c0303a422a9c5fa8860c061bf7105eb7f8b2","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919101","reference_id":"919101","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919101"},{"reference_url":"https://security.archlinux.org/ASA-201904-11","reference_id":"ASA-201904-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-11"},{"reference_url":"https://security.archlinux.org/AVG-951","reference_id":"AVG-951","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-951"},{"reference_url":"https://www.debian.org/security/2019/dsa-4387","reference_id":"dsa-4387","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://www.debian.org/security/2019/dsa-4387"},{"reference_url":"https://security.gentoo.org/glsa/201903-16","reference_id":"GLSA-201903-16","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://security.gentoo.org/glsa/201903-16"},{"reference_url":"https://security.gentoo.org/glsa/202007-53","reference_id":"GLSA-202007-53","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://security.gentoo.org/glsa/202007-53"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190215-0001/","reference_id":"ntap-20190215-0001","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://security.netapp.com/advisory/ntap-20190215-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3702","reference_id":"RHSA-2019:3702","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:3702"},{"reference_url":"https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h","reference_id":"scp.c.diff?r1=1.197&r2=1.198&f=h","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/scp.c.diff?r1=1.197&r2=1.198&f=h"},{"reference_url":"https://usn.ubuntu.com/3885-1/","reference_id":"USN-3885-1","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:53:24Z/"}],"url":"https://usn.ubuntu.com/3885-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"},{"url":"http://public2.vulnerablecode.io/api/packages/1037924?format=json","purl":"pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-zncv-645p-f3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2"}],"aliases":["CVE-2018-20685"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrgz-eguk-k3dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61831?format=json","vulnerability_id":"VCID-wkpy-uwex-93db","summary":"Multiple vulnerabilities have been found in OpenSSH, allowing\n    attackers to leak client memory to a server, including private keys.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0777.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0777","reference_id":"","reference_type":"","scores":[{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98581","published_at":"2026-05-14T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98549","published_at":"2026-04-02T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98577","published_at":"2026-05-11T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98579","published_at":"2026-05-12T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98548","published_at":"2026-04-01T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98558","published_at":"2026-04-09T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.9856","published_at":"2026-04-12T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98561","published_at":"2026-04-13T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98566","published_at":"2026-04-21T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98567","published_at":"2026-04-18T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98569","published_at":"2026-04-24T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.9857","published_at":"2026-04-29T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98576","published_at":"2026-05-05T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98578","published_at":"2026-05-09T12:55:00Z"},{"value":"0.7041","scoring_system":"epss","scoring_elements":"0.98679","published_at":"2026-04-04T12:55:00Z"},{"value":"0.7041","scoring_system":"epss","scoring_elements":"0.98682","published_at":"2026-04-07T12:55:00Z"},{"value":"0.7041","scoring_system":"epss","scoring_elements":"0.98684","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298032","reference_id":"1298032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298032"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810984","reference_id":"810984","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810984"},{"reference_url":"https://security.gentoo.org/glsa/201601-01","reference_id":"GLSA-201601-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201601-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0043","reference_id":"RHSA-2016:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0043"},{"reference_url":"https://usn.ubuntu.com/2869-1/","reference_id":"USN-2869-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2869-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1035850?format=json","purl":"pkg:deb/debian/openssh@1:6.7p1-5%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.7p1-5%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2016-0777"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkpy-uwex-93db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62404?format=json","vulnerability_id":"VCID-yrzy-er8x-c3ad","summary":"Multiple vulnerabilities have been found in OpenSSH, the worst of\n    which could lead to arbitrary code execution, or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6564.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-6564.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6564","reference_id":"","reference_type":"","scores":[{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83736","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83749","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83763","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83766","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.8379","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83796","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83812","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83806","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83802","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83835","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02032","scoring_system":"epss","scoring_elements":"0.83836","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.83945","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.83971","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.83979","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.83984","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.84005","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.84028","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.84045","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.84044","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.84061","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02063","scoring_system":"epss","scoring_elements":"0.84095","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-6564"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6564","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6564"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252852","reference_id":"1252852","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711","reference_id":"795711","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795711"},{"reference_url":"https://security.gentoo.org/glsa/201512-04","reference_id":"GLSA-201512-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2088","reference_id":"RHSA-2015:2088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0741","reference_id":"RHSA-2016:0741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0741"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"}],"aliases":["CVE-2015-6564"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yrzy-er8x-c3ad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87517?format=json","vulnerability_id":"VCID-ytkr-ev34-buhd","summary":"OpenSSH: legacy certificate generation information leak","references":[{"reference_url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777","reference_id":"","reference_type":"","scores":[],"url":"http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777"},{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0539.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0539","reference_id":"","reference_type":"","scores":[{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79719","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79482","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79512","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79498","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79526","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79533","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79555","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79539","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.7956","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79558","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79563","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79595","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79601","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79616","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79632","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79654","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79671","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79667","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.7968","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0539"},{"reference_url":"http://secunia.com/advisories/43181","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43181"},{"reference_url":"http://secunia.com/advisories/44269","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44269"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65163","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65163"},{"reference_url":"http://www.openssh.com/txt/legacy-cert.adv","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssh.com/txt/legacy-cert.adv"},{"reference_url":"http://www.openwall.com/lists/oss-security/2011/02/04/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2011/02/04/2"},{"reference_url":"http://www.securityfocus.com/bid/46155","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/46155"},{"reference_url":"http://www.securitytracker.com/id?1025028","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1025028"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0284","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=675254","reference_id":"675254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=675254"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0539","reference_id":"CVE-2011-0539","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0539"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571191?format=json","purl":"pkg:deb/debian/openssh@1:6.0p1-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-11sf-sq1n-8ybk"},{"vulnerability":"VCID-27t6-mvt2-6kcd"},{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-4fj8-vfgx-pyh9"},{"vulnerability":"VCID-81na-a8p9-3fc3"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-aaue-a343-u7f5"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bdnh-bkx5-h3fe"},{"vulnerability":"VCID-c72q-f2cy-eqgc"},{"vulnerability":"VCID-e3hw-afkw-f7bt"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g5qe-8p8p-3kd6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hmqc-xunp-myap"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-kbba-6c9u-tygk"},{"vulnerability":"VCID-mpex-kz3k-97aq"},{"vulnerability":"VCID-myec-kc76-9bc1"},{"vulnerability":"VCID-qt1x-kyuf-gker"},{"vulnerability":"VCID-qx5k-n11s-rucg"},{"vulnerability":"VCID-t1sg-4bvj-qqfk"},{"vulnerability":"VCID-u21t-acnr-dub2"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v1vq-wecd-1ud9"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vj3u-a1c3-6qe5"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-wkpy-uwex-93db"},{"vulnerability":"VCID-yrzy-er8x-c3ad"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:6.0p1-4%252Bdeb7u4"}],"aliases":["CVE-2011-0539"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytkr-ev34-buhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50012?format=json","vulnerability_id":"VCID-zncv-645p-f3gn","summary":"Multiple vulnerbilities have been discovered in OpenSSH, the worst of which could result in remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38408.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-38408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38408","reference_id":"","reference_type":"","scores":[{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98443","published_at":"2026-04-08T12:55:00Z"},{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98464","published_at":"2026-05-09T12:55:00Z"},{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98461","published_at":"2026-05-07T12:55:00Z"},{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98457","published_at":"2026-04-29T12:55:00Z"},{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98452","published_at":"2026-04-18T12:55:00Z"},{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98447","published_at":"2026-04-13T12:55:00Z"},{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98448","published_at":"2026-04-12T12:55:00Z"},{"value":"0.64352","scoring_system":"epss","scoring_elements":"0.98445","published_at":"2026-04-09T12:55:00Z"},{"value":"0.66852","scoring_system":"epss","scoring_elements":"0.98543","published_at":"2026-04-07T12:55:00Z"},{"value":"0.67238","scoring_system":"epss","scoring_elements":"0.98579","published_at":"2026-05-11T12:55:00Z"},{"value":"0.67238","scoring_system":"epss","scoring_elements":"0.98581","published_at":"2026-05-12T12:55:00Z"},{"value":"0.67238","scoring_system":"epss","scoring_elements":"0.98583","published_at":"2026-05-14T12:55:00Z"},{"value":"0.67693","scoring_system":"epss","scoring_elements":"0.98586","published_at":"2026-04-21T12:55:00Z"},{"value":"0.69995","scoring_system":"epss","scoring_elements":"0.98659","published_at":"2026-04-02T12:55:00Z"},{"value":"0.69995","scoring_system":"epss","scoring_elements":"0.98662","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-38408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042460","reference_id":"1042460","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042460"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/11","reference_id":"11","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/07/20/2","reference_id":"2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/07/20/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2224173","reference_id":"2224173","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2224173"},{"reference_url":"https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8","reference_id":"7bc29a9d5cd697290aa056e94ecee6253d3425f8","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://github.com/openbsd/src/commit/7bc29a9d5cd697290aa056e94ecee6253d3425f8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/09/22/9","reference_id":"9","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/09/22/9"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/","reference_id":"CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CEBTJJINE2I3FHAUKKNQWMFGYMLSMWKQ/"},{"reference_url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent","reference_id":"cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent"},{"reference_url":"https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408","reference_id":"exploring-opensshs-agent-forwarding-rce-cve-2023-38408","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://www.vicarius.io/vsociety/posts/exploring-opensshs-agent-forwarding-rce-cve-2023-38408"},{"reference_url":"https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d","reference_id":"f03a4faa55c4ce0818324701dadbf91988d7351d","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://github.com/openbsd/src/commit/f03a4faa55c4ce0818324701dadbf91988d7351d"},{"reference_url":"https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca","reference_id":"f8f5a6b003981bb824329dc987d101977beda7ca","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://github.com/openbsd/src/commit/f8f5a6b003981bb824329dc987d101977beda7ca"},{"reference_url":"https://security.gentoo.org/glsa/202307-01","reference_id":"GLSA-202307-01","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://security.gentoo.org/glsa/202307-01"},{"reference_url":"https://support.apple.com/kb/HT213940","reference_id":"HT213940","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://support.apple.com/kb/HT213940"},{"reference_url":"https://news.ycombinator.com/item?id=36790196","reference_id":"item?id=36790196","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://news.ycombinator.com/item?id=36790196"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html","reference_id":"msg00021.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00021.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230803-0010/","reference_id":"ntap-20230803-0010","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230803-0010/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/","reference_id":"RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAXVQS6ZYTULFAK3TEJHRLKZALJS3AOU/"},{"reference_url":"https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt","reference_id":"rce-openssh-forwarded-ssh-agent.txt","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt"},{"reference_url":"https://www.openssh.com/txt/release-9.3p2","reference_id":"release-9.3p2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://www.openssh.com/txt/release-9.3p2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4329","reference_id":"RHSA-2023:4329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4381","reference_id":"RHSA-2023:4381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4382","reference_id":"RHSA-2023:4382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4383","reference_id":"RHSA-2023:4383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4384","reference_id":"RHSA-2023:4384","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4384"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4412","reference_id":"RHSA-2023:4412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4413","reference_id":"RHSA-2023:4413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4419","reference_id":"RHSA-2023:4419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4419"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4428","reference_id":"RHSA-2023:4428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4889","reference_id":"RHSA-2023:4889","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4889"},{"reference_url":"https://www.openssh.com/security.html","reference_id":"security.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:21Z/"}],"url":"https://www.openssh.com/security.html"},{"reference_url":"https://usn.ubuntu.com/6242-1/","reference_id":"USN-6242-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6242-1/"},{"reference_url":"https://usn.ubuntu.com/6242-2/","reference_id":"USN-6242-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6242-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1050195?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3"}],"aliases":["CVE-2023-38408"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zncv-645p-f3gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34932?format=json","vulnerability_id":"VCID-zxw6-2um9-23e7","summary":"A vulnerability in OpenSSH might allow remote attackers to\n    determine valid usernames.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15473.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15473.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15473","reference_id":"","reference_type":"","scores":[{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99601","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99612","published_at":"2026-05-14T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99611","published_at":"2026-05-12T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.9961","published_at":"2026-05-11T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99609","published_at":"2026-05-09T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99607","published_at":"2026-05-05T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99605","published_at":"2026-04-24T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99606","published_at":"2026-04-29T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99604","published_at":"2026-04-13T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99603","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90356","scoring_system":"epss","scoring_elements":"0.99602","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15473"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securitytracker.com/id/1041487","reference_id":"1041487","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"http://www.securitytracker.com/id/1041487"},{"reference_url":"http://www.securityfocus.com/bid/105140","reference_id":"105140","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"http://www.securityfocus.com/bid/105140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1619063","reference_id":"1619063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1619063"},{"reference_url":"https://www.exploit-db.com/exploits/45210/","reference_id":"45210","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://www.exploit-db.com/exploits/45210/"},{"reference_url":"https://www.exploit-db.com/exploits/45233/","reference_id":"45233","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://www.exploit-db.com/exploits/45233/"},{"reference_url":"https://www.exploit-db.com/exploits/45939/","reference_id":"45939","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://www.exploit-db.com/exploits/45939/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2018/08/15/5","reference_id":"5","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"http://www.openwall.com/lists/oss-security/2018/08/15/5"},{"reference_url":"https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0","reference_id":"779974d35b4859c07bc3cb8a12c74b43b0a7d1e0","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0"},{"reference_url":"https://bugs.debian.org/906236","reference_id":"906236","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://bugs.debian.org/906236"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906236","reference_id":"906236","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906236"},{"reference_url":"https://security.archlinux.org/AVG-763","reference_id":"AVG-763","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-763"},{"reference_url":"https://bugfuzz.com/stuff/ssh-check-username.py","reference_id":"CVE-2018-15473","reference_type":"exploit","scores":[],"url":"https://bugfuzz.com/stuff/ssh-check-username.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45210.py","reference_id":"CVE-2018-15473","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45210.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45233.py","reference_id":"CVE-2018-15473","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45233.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45939.py","reference_id":"CVE-2018-15473","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45939.py"},{"reference_url":"https://www.debian.org/security/2018/dsa-4280","reference_id":"dsa-4280","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://www.debian.org/security/2018/dsa-4280"},{"reference_url":"https://security.gentoo.org/glsa/201810-03","reference_id":"GLSA-201810-03","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://security.gentoo.org/glsa/201810-03"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/08/msg00022.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181101-0001/","reference_id":"ntap-20181101-0001","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://security.netapp.com/advisory/ntap-20181101-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0711","reference_id":"RHSA-2019:0711","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:0711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2143","reference_id":"RHSA-2019:2143","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:2143"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0011","reference_id":"SNWLID-2018-0011","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0011"},{"reference_url":"https://usn.ubuntu.com/3809-1/","reference_id":"USN-3809-1","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:22:43Z/"}],"url":"https://usn.ubuntu.com/3809-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037085?format=json","purl":"pkg:deb/debian/openssh@1:7.4p1-10%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-a7kr-mfau-bufd"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-g8g3-ts9j-8uab"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-gzmm-8kvw-6qbv"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-v27n-4vt2-rffw"},{"vulnerability":"VCID-vrgz-eguk-k3dy"},{"vulnerability":"VCID-zncv-645p-f3gn"},{"vulnerability":"VCID-zxw6-2um9-23e7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.4p1-10%252Bdeb9u7"},{"url":"http://public2.vulnerablecode.io/api/packages/1037924?format=json","purl":"pkg:deb/debian/openssh@1:7.9p1-10%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3mzh-y1ek-cqh9"},{"vulnerability":"VCID-87uy-3q5r-r3b7"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-fczw-59xy-83c6"},{"vulnerability":"VCID-ge2m-my5w-z3eb"},{"vulnerability":"VCID-ha8v-pqwf-r3a1"},{"vulnerability":"VCID-hse5-y15y-n3dw"},{"vulnerability":"VCID-jzn6-bzzf-nugp"},{"vulnerability":"VCID-ubjj-qb2c-n3d4"},{"vulnerability":"VCID-zncv-645p-f3gn"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.9p1-10%252Bdeb10u2"}],"aliases":["CVE-2018-15473"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zxw6-2um9-23e7"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:5.5p1-6%252Bsqueeze8"}