{"url":"http://public2.vulnerablecode.io/api/packages/933915?format=json","purl":"pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie","type":"deb","namespace":"debian","name":"openssh","version":"1:7.1p2-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:7.2p1-1","latest_non_vulnerable_version":"1:10.3p1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85374?format=json","vulnerability_id":"VCID-bdnh-bkx5-h3fe","summary":"openssh: out-of-bounds read in packet handling code","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1907.json"},{"reference_url":"https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0","reference_id":"","reference_type":"","scores":[],"url":"https://anongit.mindrot.org/openssh.git/commit/?id=2fecfd486bdba9f51b3a789277bb0733ca36e1c0"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1907","reference_id":"","reference_type":"","scores":[{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64681","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64786","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64791","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64764","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64802","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64812","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64733","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64761","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64724","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68464","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68469","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68411","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00564","scoring_system":"epss","scoring_elements":"0.68459","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1907"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa109","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa109"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1907"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"},{"reference_url":"http://www.openssh.com/txt/release-7.1p2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssh.com/txt/release-7.1p2"},{"reference_url":"http://www.securityfocus.com/bid/81293","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81293"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298746","reference_id":"1298746","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298746"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1907","reference_id":"CVE-2016-1907","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1907"},{"reference_url":"https://usn.ubuntu.com/2966-1/","reference_id":"USN-2966-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2966-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933915?format=json","purl":"pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.1p2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933878?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933876?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933880?format=json","purl":"pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933879?format=json","purl":"pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062514?format=json","purl":"pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-1907"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdnh-bkx5-h3fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61832?format=json","vulnerability_id":"VCID-e3hw-afkw-f7bt","summary":"Multiple vulnerabilities have been found in OpenSSH, allowing\n    attackers to leak client memory to a server, including private keys.","references":[{"reference_url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734","reference_id":"","reference_type":"","scores":[],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734"},{"reference_url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html"},{"reference_url":"http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0778","reference_id":"","reference_type":"","scores":[{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77987","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78027","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.78019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.7804","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01092","scoring_system":"epss","scoring_elements":"0.77994","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83797","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83792","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83826","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83757","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83781","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02029","scoring_system":"epss","scoring_elements":"0.83787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02099","scoring_system":"epss","scoring_elements":"0.83985","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02099","scoring_system":"epss","scoring_elements":"0.83999","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0778"},{"reference_url":"https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/"},{"reference_url":"https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"},{"reference_url":"https://bto.bluecoat.com/security-advisory/sa109","reference_id":"","reference_type":"","scores":[],"url":"https://bto.bluecoat.com/security-advisory/sa109"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Jan/44","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2016/Jan/44"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"},{"reference_url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722","reference_id":"","reference_type":"","scores":[],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"},{"reference_url":"https://support.apple.com/HT206167","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT206167"},{"reference_url":"http://www.debian.org/security/2016/dsa-3446","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3446"},{"reference_url":"http://www.openssh.com/txt/release-7.1p2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openssh.com/txt/release-7.1p2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/14/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/14/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.securityfocus.com/archive/1/537295/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/537295/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/80698","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/80698"},{"reference_url":"http://www.securitytracker.com/id/1034671","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034671"},{"reference_url":"http://www.ubuntu.com/usn/USN-2869-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2869-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298033","reference_id":"1298033","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298033"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0778","reference_id":"CVE-2016-0778","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0778"},{"reference_url":"https://security.gentoo.org/glsa/201601-01","reference_id":"GLSA-201601-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201601-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0043","reference_id":"RHSA-2016:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0043"},{"reference_url":"https://usn.ubuntu.com/2869-1/","reference_id":"USN-2869-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2869-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933915?format=json","purl":"pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.1p2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933878?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933876?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933880?format=json","purl":"pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933879?format=json","purl":"pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062514?format=json","purl":"pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-0778"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e3hw-afkw-f7bt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61831?format=json","vulnerability_id":"VCID-wkpy-uwex-93db","summary":"Multiple vulnerabilities have been found in OpenSSH, allowing\n    attackers to leak client memory to a server, including private keys.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0777.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0777.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0777","reference_id":"","reference_type":"","scores":[{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.9857","published_at":"2026-04-29T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98549","published_at":"2026-04-02T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98567","published_at":"2026-04-18T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98569","published_at":"2026-04-24T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98548","published_at":"2026-04-01T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98558","published_at":"2026-04-09T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.9856","published_at":"2026-04-12T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98561","published_at":"2026-04-13T12:55:00Z"},{"value":"0.67203","scoring_system":"epss","scoring_elements":"0.98566","published_at":"2026-04-21T12:55:00Z"},{"value":"0.7041","scoring_system":"epss","scoring_elements":"0.98679","published_at":"2026-04-04T12:55:00Z"},{"value":"0.7041","scoring_system":"epss","scoring_elements":"0.98682","published_at":"2026-04-07T12:55:00Z"},{"value":"0.7041","scoring_system":"epss","scoring_elements":"0.98684","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298032","reference_id":"1298032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1298032"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810984","reference_id":"810984","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810984"},{"reference_url":"https://security.gentoo.org/glsa/201601-01","reference_id":"GLSA-201601-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201601-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0043","reference_id":"RHSA-2016:0043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0043"},{"reference_url":"https://usn.ubuntu.com/2869-1/","reference_id":"USN-2869-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2869-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/933915?format=json","purl":"pkg:deb/debian/openssh@1:7.1p2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.1p2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933878?format=json","purl":"pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-b4uc-yh56-muej"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933876?format=json","purl":"pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-a7m6-uqbt-nqd9"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"},{"vulnerability":"VCID-wga4-sqwk-4bfj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933880?format=json","purl":"pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-ajmg-5kgx-k7h5"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/933879?format=json","purl":"pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-792n-jkzj-qqhd"},{"vulnerability":"VCID-8efr-budq-6bb6"},{"vulnerability":"VCID-a4eq-r71a-buhm"},{"vulnerability":"VCID-bnrq-2fsr-mfgd"},{"vulnerability":"VCID-kgn5-p8kx-qucj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1062514?format=json","purl":"pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie"}],"aliases":["CVE-2016-0777"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkpy-uwex-93db"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:7.1p2-1%3Fdistro=trixie"}