{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","type":"deb","namespace":"debian","name":"putty","version":"0.74-1+deb11u2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.75-3","latest_non_vulnerable_version":"0.83-3","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50594?format=json","vulnerability_id":"VCID-24cg-zw49-b3ab","summary":"Multiple vulnerabilities have been discovered in PuTTY, the worst of which could lead to compromised keys.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31497","reference_id":"","reference_type":"","scores":[{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.95356","published_at":"2026-04-09T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.9538","published_at":"2026-04-29T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.95378","published_at":"2026-04-26T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.95376","published_at":"2026-04-24T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.95374","published_at":"2026-04-18T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.9537","published_at":"2026-04-16T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.95363","published_at":"2026-04-13T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.95353","published_at":"2026-04-08T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.95361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.19221","scoring_system":"epss","scoring_elements":"0.9536","published_at":"2026-04-11T12:55:00Z"},{"value":"0.19629","scoring_system":"epss","scoring_elements":"0.95399","published_at":"2026-04-04T12:55:00Z"},{"value":"0.19629","scoring_system":"epss","scoring_elements":"0.95403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.19629","scoring_system":"epss","scoring_elements":"0.95393","published_at":"2026-04-02T12:55:00Z"},{"value":"0.21972","scoring_system":"epss","scoring_elements":"0.95808","published_at":"2026-05-09T12:55:00Z"},{"value":"0.21972","scoring_system":"epss","scoring_elements":"0.958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.21972","scoring_system":"epss","scoring_elements":"0.95802","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31497"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497"},{"reference_url":"https://twitter.com/lambdafu/status/1779969509522133272","reference_id":"1779969509522133272","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://twitter.com/lambdafu/status/1779969509522133272"},{"reference_url":"https://twitter.com/CCBalert/status/1780229237569470549","reference_id":"1780229237569470549","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://twitter.com/CCBalert/status/1780229237569470549"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/04/15/6","reference_id":"6","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://www.openwall.com/lists/oss-security/2024/04/15/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/15/6","reference_id":"6","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/15/6"},{"reference_url":"https://github.com/daedalus/BreakingECDSAwithLLL","reference_id":"BreakingECDSAwithLLL","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://github.com/daedalus/BreakingECDSAwithLLL"},{"reference_url":"https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward","reference_id":"Chapter9.html#pageant-forward","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2024-31497","reference_id":"CVE-2024-31497","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2024-31497"},{"reference_url":"https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/","reference_id":"cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"},{"reference_url":"https://github.com/advisories/GHSA-6p4c-r453-8743","reference_id":"GHSA-6p4c-r453-8743","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://github.com/advisories/GHSA-6p4c-r453-8743"},{"reference_url":"https://security.gentoo.org/glsa/202407-11","reference_id":"GLSA-202407-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-11"},{"reference_url":"https://news.ycombinator.com/item?id=40044665","reference_id":"item?id=40044665","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://news.ycombinator.com/item?id=40044665"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/","reference_id":"IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"},{"reference_url":"https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty","reference_id":"key-generation-and-agent-forwarding-with-putty","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/","reference_id":"MMHILY2K7HQGQRHOC375KRRG2M6625RD","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"},{"reference_url":"https://winscp.net/eng/news.php","reference_id":"news.php","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://winscp.net/eng/news.php"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/","reference_id":"PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"},{"reference_url":"https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git","reference_id":"putty.git","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git"},{"reference_url":"https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/","reference_id":"putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"},{"reference_url":"https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/","reference_id":"putty_vulnerability_affecting_v068_to_v08","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1222864","reference_id":"show_bug.cgi?id=1222864","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1222864"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275183","reference_id":"show_bug.cgi?id=2275183","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2275183"},{"reference_url":"https://tortoisegit.org","reference_id":"tortoisegit.org","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://tortoisegit.org"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html","reference_id":"vuln-p521-bias.html","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/","reference_id":"WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/","reference_id":"WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T04:01:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936065?format=json","purl":"pkg:deb/debian/putty@0.81-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.81-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2024-31497"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24cg-zw49-b3ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210952?format=json","vulnerability_id":"VCID-26s5-my22-cqaq","summary":"In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9896","reference_id":"","reference_type":"","scores":[{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84398","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84381","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84202","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84215","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84234","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84256","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84262","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.8428","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84274","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84271","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84293","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84295","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84298","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84324","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84332","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84337","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02157","scoring_system":"epss","scoring_elements":"0.84356","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9896"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190404-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190404-0001/"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9896","reference_id":"CVE-2019-9896","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9896"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936056?format=json","purl":"pkg:deb/debian/putty@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-26s5-my22-cqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94824?format=json","vulnerability_id":"VCID-5524-rbbb-xydc","summary":"PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36367","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32916","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33216","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33194","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33157","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33011","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32994","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32919","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32807","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.32876","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33168","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33295","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33327","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3316","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33203","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3324","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33199","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33175","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36367"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990901","reference_id":"990901","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990901"},{"reference_url":"https://security.archlinux.org/ASA-202107-37","reference_id":"ASA-202107-37","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202107-37"},{"reference_url":"https://security.archlinux.org/AVG-2143","reference_id":"AVG-2143","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2143"},{"reference_url":"https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa","reference_id":"putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-22T20:07:50Z/"}],"url":"https://git.tartarus.org/?p=simon/putty.git%3Ba=commit%3Bh=1dc5659aa62848f0aeb5de7bd3839fecc7debefa"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936062?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936061?format=json","purl":"pkg:deb/debian/putty@0.75-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.75-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2021-36367"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5524-rbbb-xydc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31705?format=json","vulnerability_id":"VCID-5c43-x53a-y7bw","summary":"Multiple vulnerabilities have been found in FileZilla, the worst of\n    which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4852","reference_id":"","reference_type":"","scores":[{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82491","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82505","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82523","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.8252","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82546","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82553","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82571","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82565","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82595","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.8262","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82637","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82656","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82678","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82699","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4852"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779","reference_id":"718779","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718779"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718800","reference_id":"718800","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718800"},{"reference_url":"https://security.gentoo.org/glsa/201308-01","reference_id":"GLSA-201308-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201308-01"},{"reference_url":"https://security.gentoo.org/glsa/201309-08","reference_id":"GLSA-201309-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936052?format=json","purl":"pkg:deb/debian/putty@0.63-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2013-4852"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5c43-x53a-y7bw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79733?format=json","vulnerability_id":"VCID-8b5g-ajhf-7ydp","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9898","reference_id":"","reference_type":"","scores":[{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88935","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88922","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88808","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88816","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88832","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88835","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88852","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88858","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88869","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88865","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88878","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88876","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88874","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.8889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88897","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88898","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04291","scoring_system":"epss","scoring_elements":"0.88905","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/6","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/6"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190329-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190329-0002/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190401-0002/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190401-0002/"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://www.debian.org/security/2019/dsa-4423","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4423"},{"reference_url":"http://www.securityfocus.com/bid/107523","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107523"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9898","reference_id":"CVE-2019-9898","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9898"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936059?format=json","purl":"pkg:deb/debian/putty@0.70-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9898"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8b5g-ajhf-7ydp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31703?format=json","vulnerability_id":"VCID-8em6-srgn-dbhh","summary":"Multiple vulnerabilities have been found in FileZilla, the worst of\n    which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4207","reference_id":"","reference_type":"","scores":[{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68796","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68815","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68865","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68885","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68893","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68863","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68905","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68915","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68892","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68943","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68949","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68954","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68935","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.68978","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00579","scoring_system":"epss","scoring_elements":"0.69013","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070","reference_id":"719070","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070"},{"reference_url":"https://security.gentoo.org/glsa/201309-08","reference_id":"GLSA-201309-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936052?format=json","purl":"pkg:deb/debian/putty@0.63-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2013-4207"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8em6-srgn-dbhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91081?format=json","vulnerability_id":"VCID-8y81-t9u5-4uf7","summary":"PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0048","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22822","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23035","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22827","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.229","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22953","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22935","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22878","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22892","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22886","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22847","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22684","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22677","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22571","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22655","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22733","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0048"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936044?format=json","purl":"pkg:deb/debian/putty@0.53-b-2003-01-04-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.53-b-2003-01-04-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2003-0048"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8y81-t9u5-4uf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62454?format=json","vulnerability_id":"VCID-9fwx-3bsq-q3e9","summary":"PuTTY contains a vulnerability allowing a SSH server to execute arbitrary\n    code on the connecting client.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1440","reference_id":"","reference_type":"","scores":[{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87481","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87491","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87505","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87507","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87527","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87533","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87545","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.8754","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87537","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87551","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87552","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.8755","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87567","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87574","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87572","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87586","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.876","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03466","scoring_system":"epss","scoring_elements":"0.87618","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1440"},{"reference_url":"https://security.gentoo.org/glsa/200408-04","reference_id":"GLSA-200408-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200408-04"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936048?format=json","purl":"pkg:deb/debian/putty@0.56-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.56-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2004-1440"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fwx-3bsq-q3e9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91084?format=json","vulnerability_id":"VCID-9qpq-am8x-mqax","summary":"The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0069","reference_id":"","reference_type":"","scores":[{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57217","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57299","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57322","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57298","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57349","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57352","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57367","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57347","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57325","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57326","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57283","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57287","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57237","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59432","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.63941","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0069"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0069","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0069"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936047?format=json","purl":"pkg:deb/debian/putty@0.54-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.54-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2003-0069"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qpq-am8x-mqax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94072?format=json","vulnerability_id":"VCID-9ss1-k3at-nub5","summary":"PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial of service by accessing freed memory locations via an SSH1_MSG_DISCONNECT message.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17069","reference_id":"","reference_type":"","scores":[{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64902","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64859","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64684","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64735","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64764","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64726","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64774","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64789","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64806","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64794","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64767","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64805","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64816","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64802","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.6482","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64833","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.6483","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00474","scoring_system":"epss","scoring_elements":"0.64811","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17069"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17069","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17069"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"},{"reference_url":"https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191127-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191127-0003/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17069","reference_id":"CVE-2019-17069","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17069"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936058?format=json","purl":"pkg:deb/debian/putty@0.73-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.73-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-17069"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ss1-k3at-nub5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49338?format=json","vulnerability_id":"VCID-a7m1-vrvp-hyap","summary":"A buffer overflow in PuTTY might allow remote attackers to execute\n    arbitrary code or cause a denial of service.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2017-03/msg00055.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6542","reference_id":"","reference_type":"","scores":[{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95834","published_at":"2026-05-09T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95828","published_at":"2026-05-07T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.9576","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95769","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95779","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95791","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95794","published_at":"2026-04-11T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95795","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95796","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95806","published_at":"2026-04-16T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95811","published_at":"2026-04-18T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95813","published_at":"2026-04-21T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95815","published_at":"2026-04-29T12:55:00Z"},{"value":"0.22153","scoring_system":"epss","scoring_elements":"0.95827","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6542"},{"reference_url":"https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8","reference_id":"","reference_type":"","scores":[],"url":"https://git.tartarus.org/?p=simon/putty.git%3Ba=commitdiff%3Bh=4ff22863d895cb7ebfced4cf923a012a614adaa8"},{"reference_url":"https://www.exploit-db.com/exploits/42137/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42137/"},{"reference_url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html"},{"reference_url":"http://www.securityfocus.com/bid/97156","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97156"},{"reference_url":"http://www.securitytracker.com/id/1038067","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1038067"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857642","reference_id":"857642","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857642"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42137.txt","reference_id":"CVE-2017-6542","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42137.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6542","reference_id":"CVE-2017-6542","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6542"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html","reference_id":"CVE-2017-6542","reference_type":"exploit","scores":[],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html"},{"reference_url":"https://security.gentoo.org/glsa/201703-03","reference_id":"GLSA-201703-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201703-03"},{"reference_url":"https://security.gentoo.org/glsa/201706-09","reference_id":"GLSA-201706-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936057?format=json","purl":"pkg:deb/debian/putty@0.67-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2017-6542"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7m1-vrvp-hyap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79731?format=json","vulnerability_id":"VCID-aee6-9w9s-mkbe","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9895","reference_id":"","reference_type":"","scores":[{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76046","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76023","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.7584","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75843","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75875","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75855","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75887","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.759","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75923","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75904","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75898","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75938","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75925","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75962","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75972","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75983","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.75993","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/6","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/6"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190404-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190404-0001/"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://www.debian.org/security/2019/dsa-4423","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4423"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opengroup:unix:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9895","reference_id":"CVE-2019-9895","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9895"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936059?format=json","purl":"pkg:deb/debian/putty@0.70-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9895"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aee6-9w9s-mkbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31704?format=json","vulnerability_id":"VCID-ch3d-pgfs-nfej","summary":"Multiple vulnerabilities have been found in FileZilla, the worst of\n    which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4208","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19557","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19699","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19746","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1947","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19549","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19601","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19604","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19498","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19464","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19472","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19485","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19377","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19368","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1933","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19223","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19305","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19396","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070","reference_id":"719070","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070"},{"reference_url":"https://security.gentoo.org/glsa/201309-08","reference_id":"GLSA-201309-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936052?format=json","purl":"pkg:deb/debian/putty@0.63-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2013-4208"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ch3d-pgfs-nfej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51287?format=json","vulnerability_id":"VCID-e979-9hzq-jqba","summary":"Multiple vulnerabilities have been found in PuTTY, the worst of\n    which could lead to arbitrary code execution, or cause a Denial of Service\n    condition.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-05/msg00131.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2563","reference_id":"","reference_type":"","scores":[{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96568","published_at":"2026-05-09T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.9656","published_at":"2026-05-05T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96562","published_at":"2026-05-07T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96504","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96513","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96518","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96521","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.9653","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96532","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96535","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96538","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96544","published_at":"2026-04-16T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.9655","published_at":"2026-04-18T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96552","published_at":"2026-04-29T12:55:00Z"},{"value":"0.28635","scoring_system":"epss","scoring_elements":"0.96551","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2563","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2563"},{"reference_url":"http://seclists.org/fulldisclosure/2016/Mar/22","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2016/Mar/22"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-2563"},{"reference_url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-pscp-sink-sscanf.html"},{"reference_url":"http://www.securityfocus.com/bid/84296","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84296"},{"reference_url":"http://www.securitytracker.com/id/1035257","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035257"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816921","reference_id":"816921","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=816921"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/tintinweb/pub/tree/999963dfda3f90f96687272d914967f2364a6651/pocs/cve-2016-2563","reference_id":"CVE-2016-2563","reference_type":"exploit","scores":[],"url":"https://github.com/tintinweb/pub/tree/999963dfda3f90f96687272d914967f2364a6651/pocs/cve-2016-2563"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39551.txt","reference_id":"CVE-2016-2563","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/39551.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2563","reference_id":"CVE-2016-2563","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2563"},{"reference_url":"https://security.gentoo.org/glsa/201606-01","reference_id":"GLSA-201606-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936055?format=json","purl":"pkg:deb/debian/putty@0.67-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.67-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2016-2563"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e979-9hzq-jqba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91634?format=json","vulnerability_id":"VCID-er8w-eu6j-hufw","summary":"PuTTY 0.59 and earlier uses weak file permissions for (1) ppk files containing private keys generated by puttygen and (2) session logs created by putty, which allows local users to gain sensitive information by reading these files.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7162","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12802","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12845","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12941","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1299","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12792","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1287","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12921","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12885","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12848","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12803","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12707","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12712","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12814","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12831","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12794","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12688","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12594","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12732","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7162"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7162","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7162"},{"reference_url":"http://secunia.com/advisories/24381","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/24381"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804","reference_id":"400804","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=400804"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2006-7162","reference_id":"CVE-2006-7162","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-7162"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936050?format=json","purl":"pkg:deb/debian/putty@0.59-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.59-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2006-7162"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-er8w-eu6j-hufw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94368?format=json","vulnerability_id":"VCID-gp2g-u84g-q7c2","summary":"PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14002","reference_id":"","reference_type":"","scores":[{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.72995","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73004","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73025","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73001","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73038","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.7305","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73075","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73054","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73091","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.731","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73093","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73131","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73144","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73143","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73138","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73164","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00746","scoring_system":"epss","scoring_elements":"0.73186","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-14002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936060?format=json","purl":"pkg:deb/debian/putty@0.74-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2020-14002"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gp2g-u84g-q7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/20351?format=json","vulnerability_id":"VCID-jzn6-bzzf-nugp","summary":"Improper Validation of Integrity Check Value\nThe SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.","references":[{"reference_url":"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-48795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.97994","published_at":"2026-04-24T12:55:00Z"},{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.98002","published_at":"2026-05-07T12:55:00Z"},{"value":"0.53559","scoring_system":"epss","scoring_elements":"0.98005","published_at":"2026-05-09T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98119","published_at":"2026-04-07T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98136","published_at":"2026-04-18T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98114","published_at":"2026-04-02T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98134","published_at":"2026-04-16T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98129","published_at":"2026-04-13T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98118","published_at":"2026-04-04T12:55:00Z"},{"value":"0.5673","scoring_system":"epss","scoring_elements":"0.98123","published_at":"2026-04-08T12:55:00Z"},{"value":"0.58603","scoring_system":"epss","scoring_elements":"0.98219","published_at":"2026-04-26T12:55:00Z"},{"value":"0.58603","scoring_system":"epss","scoring_elements":"0.98218","published_at":"2026-04-29T12:55:00Z"},{"value":"0.61084","scoring_system":"epss","scoring_elements":"0.98316","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-48795"},{"reference_url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack"},{"reference_url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/"},{"reference_url":"https://bugs.gentoo.org/920280","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugs.gentoo.org/920280"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254210","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2254210"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1217950","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1217950"},{"reference_url":"https://crates.io/crates/thrussh/versions","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://crates.io/crates/thrussh/versions"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6918"},{"reference_url":"http://seclists.org/fulldisclosure/2024/Mar/21","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://seclists.org/fulldisclosure/2024/Mar/21"},{"reference_url":"https://filezilla-project.org/versions.php","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://filezilla-project.org/versions.php"},{"reference_url":"https://forum.netgate.com/topic/184941/terrapin-ssh-attack","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://forum.netgate.com/topic/184941/terrapin-ssh-attack"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/apache/mina-sshd/issues/445","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/apache/mina-sshd/issues/445"},{"reference_url":"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab"},{"reference_url":"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22"},{"reference_url":"https://github.com/cyd01/KiTTY/issues/520","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/cyd01/KiTTY/issues/520"},{"reference_url":"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/drakkan/sftpgo/releases/tag/v2.5.6"},{"reference_url":"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42"},{"reference_url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/erlang/otp/releases/tag/OTP-26.2.1"},{"reference_url":"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"},{"reference_url":"https://github.com/hierynomus/sshj/issues/916","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/hierynomus/sshj/issues/916"},{"reference_url":"https://github.com/janmojzis/tinyssh/issues/81","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/janmojzis/tinyssh/issues/81"},{"reference_url":"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5"},{"reference_url":"https://github.com/libssh2/libssh2/pull/1291","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/libssh2/libssh2/pull/1291"},{"reference_url":"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25"},{"reference_url":"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3"},{"reference_url":"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15"},{"reference_url":"https://github.com/mwiede/jsch/issues/457","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/issues/457"},{"reference_url":"https://github.com/mwiede/jsch/pull/461","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/mwiede/jsch/pull/461"},{"reference_url":"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16"},{"reference_url":"https://github.com/NixOS/nixpkgs/pull/275249","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/NixOS/nixpkgs/pull/275249"},{"reference_url":"https://github.com/openssh/openssh-portable/commits/master","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/openssh/openssh-portable/commits/master"},{"reference_url":"https://github.com/paramiko/paramiko/issues/2337","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/paramiko/paramiko/issues/2337"},{"reference_url":"https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/paramiko/paramiko/issues/2337#issuecomment-1887642773"},{"reference_url":"https://github.com/PowerShell/Win32-OpenSSH/issues/2189","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/PowerShell/Win32-OpenSSH/issues/2189"},{"reference_url":"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta"},{"reference_url":"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES"},{"reference_url":"https://github.com/proftpd/proftpd/issues/456","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/proftpd/proftpd/issues/456"},{"reference_url":"https://github.com/rapier1/hpn-ssh/releases","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/rapier1/hpn-ssh/releases"},{"reference_url":"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"},{"reference_url":"https://github.com/ronf/asyncssh/tags","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ronf/asyncssh/tags"},{"reference_url":"https://github.com/ssh-mitm/ssh-mitm/issues/165","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/ssh-mitm/ssh-mitm/issues/165"},{"reference_url":"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0"},{"reference_url":"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1"},{"reference_url":"https://github.com/warp-tech/russh","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh"},{"reference_url":"https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh/commit/1aa340a7df1d5be1c0f4a9e247aade76dfdd2951"},{"reference_url":"https://github.com/warp-tech/russh/releases/tag/v0.40.2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/warp-tech/russh/releases/tag/v0.40.2"},{"reference_url":"https://gitlab.com/libssh/libssh-mirror/-/tags","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://gitlab.com/libssh/libssh-mirror/-/tags"},{"reference_url":"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6"},{"reference_url":"https://go.dev/cl/550715","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/cl/550715"},{"reference_url":"https://go.dev/issue/64784","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://go.dev/issue/64784"},{"reference_url":"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg"},{"reference_url":"https://help.panic.com/releasenotes/transmit5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://help.panic.com/releasenotes/transmit5"},{"reference_url":"https://help.panic.com/releasenotes/transmit5/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://help.panic.com/releasenotes/transmit5/"},{"reference_url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795"},{"reference_url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB"},{"reference_url":"https://matt.ucc.asn.au/dropbear/CHANGES","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://matt.ucc.asn.au/dropbear/CHANGES"},{"reference_url":"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC"},{"reference_url":"https://news.ycombinator.com/item?id=38684904","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38684904"},{"reference_url":"https://news.ycombinator.com/item?id=38685286","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38685286"},{"reference_url":"https://news.ycombinator.com/item?id=38732005","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://news.ycombinator.com/item?id=38732005"},{"reference_url":"https://nova.app/releases/#v11.8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://nova.app/releases/#v11.8"},{"reference_url":"https://oryx-embedded.com/download/#changelog","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://oryx-embedded.com/download/#changelog"},{"reference_url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002"},{"reference_url":"https://roumenpetrov.info/secsh/#news20231220","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://roumenpetrov.info/secsh/#news20231220"},{"reference_url":"https://security.gentoo.org/glsa/202312-16","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.gentoo.org/glsa/202312-16"},{"reference_url":"https://security.gentoo.org/glsa/202312-17","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.gentoo.org/glsa/202312-17"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240105-0004","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20240105-0004"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/libssh2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/libssh2"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg"},{"reference_url":"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2"},{"reference_url":"https://support.apple.com/kb/HT214084","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://support.apple.com/kb/HT214084"},{"reference_url":"https://twitter.com/TrueSkrillor/status/1736774389725565005","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://twitter.com/TrueSkrillor/status/1736774389725565005"},{"reference_url":"https://winscp.net/eng/docs/history#6.2.2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://winscp.net/eng/docs/history#6.2.2"},{"reference_url":"https://www.bitvise.com/ssh-client-version-history#933","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.bitvise.com/ssh-client-version-history#933"},{"reference_url":"https://www.bitvise.com/ssh-server-version-history","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.bitvise.com/ssh-server-version-history"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update"},{"reference_url":"https://www.debian.org/security/2023/dsa-5586","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.debian.org/security/2023/dsa-5586"},{"reference_url":"https://www.debian.org/security/2023/dsa-5588","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.debian.org/security/2023/dsa-5588"},{"reference_url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc"},{"reference_url":"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508"},{"reference_url":"https://www.netsarang.com/en/xshell-update-history","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.netsarang.com/en/xshell-update-history"},{"reference_url":"https://www.netsarang.com/en/xshell-update-history/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.netsarang.com/en/xshell-update-history/"},{"reference_url":"https://www.openssh.com/openbsd.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openssh.com/openbsd.html"},{"reference_url":"https://www.openssh.com/txt/release-9.6","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openssh.com/txt/release-9.6"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/12/18/2","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/12/18/2"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/12/20/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/12/20/3"},{"reference_url":"https://www.paramiko.org/changelog.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.paramiko.org/changelog.html"},{"reference_url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed"},{"reference_url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/"},{"reference_url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795"},{"reference_url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/"},{"reference_url":"https://www.terrapin-attack.com","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.terrapin-attack.com"},{"reference_url":"https://www.theregister.com/2023/12/20/terrapin_attack_ssh","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.theregister.com/2023/12/20/terrapin_attack_ssh"},{"reference_url":"https://www.vandyke.com/products/securecrt/history.txt","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://www.vandyke.com/products/securecrt/history.txt"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/18/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/18/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/19/5","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/19/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/12/20/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/12/20/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/03/06/3","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/03/06/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/04/17/8","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/04/17/8"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001","reference_id":"1059001","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059001"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002","reference_id":"1059002","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059002"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003","reference_id":"1059003","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059003"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004","reference_id":"1059004","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059004"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005","reference_id":"1059005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059005"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006","reference_id":"1059006","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059006"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007","reference_id":"1059007","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059007"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058","reference_id":"1059058","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059058"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144","reference_id":"1059144","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059144"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290","reference_id":"1059290","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059290"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294","reference_id":"1059294","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059294"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/","reference_id":"33XHJUB6ROFUOH2OQNENFROTVH6MHSHA","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/","reference_id":"3CAYYW35MUTNO65RVAELICTNZZFMT2XS","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/","reference_id":"3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/","reference_id":"6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/","reference_id":"BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/","reference_id":"C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/","reference_id":"CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/"},{"reference_url":"https://access.redhat.com/security/cve/cve-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://access.redhat.com/security/cve/cve-2023-48795"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-48795"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security-tracker.debian.org/tracker/CVE-2023-48795"},{"reference_url":"https://ubuntu.com/security/CVE-2023-48795","reference_id":"CVE-2023-48795","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://ubuntu.com/security/CVE-2023-48795"},{"reference_url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway","reference_id":"CVE-2023-48795-AND-SFTP-GATEWAY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway"},{"reference_url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway/","reference_id":"CVE-2023-48795-AND-SFTP-GATEWAY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://thorntech.com/cve-2023-48795-and-sftp-gateway/"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit","reference_id":"CVE-2023-48795-DETECT-OPENSSH-VULNERABILIT","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabilit"},{"reference_url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability","reference_id":"CVE-2023-48795-MITIGATE-OPENSSH-VULNERABILITY","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerability"},{"reference_url":"https://github.com/advisories/GHSA-45x7-px36-x8w8","reference_id":"GHSA-45x7-px36-x8w8","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://github.com/advisories/GHSA-45x7-px36-x8w8"},{"reference_url":"https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8","reference_id":"GHSA-45x7-px36-x8w8","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/warp-tech/russh/security/advisories/GHSA-45x7-px36-x8w8"},{"reference_url":"https://security.gentoo.org/glsa/202407-11","reference_id":"GLSA-202407-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-11"},{"reference_url":"https://security.gentoo.org/glsa/202407-12","reference_id":"GLSA-202407-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202407-12"},{"reference_url":"https://security.gentoo.org/glsa/202509-06","reference_id":"GLSA-202509-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-06"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/","reference_id":"HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/","reference_id":"I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/","reference_id":"KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/","reference_id":"L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/","reference_id":"LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240105-0004/","reference_id":"ntap-20240105-0004","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2023-12-22T05:01:05Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240105-0004/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7197","reference_id":"RHSA-2023:7197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7198","reference_id":"RHSA-2023:7198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7201","reference_id":"RHSA-2023:7201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0040","reference_id":"RHSA-2024:0040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0429","reference_id":"RHSA-2024:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0455","reference_id":"RHSA-2024:0455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0499","reference_id":"RHSA-2024:0499","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0499"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0538","reference_id":"RHSA-2024:0538","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0538"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0594","reference_id":"RHSA-2024:0594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0606","reference_id":"RHSA-2024:0606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0625","reference_id":"RHSA-2024:0625","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0625"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0628","reference_id":"RHSA-2024:0628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0766","reference_id":"RHSA-2024:0766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0789","reference_id":"RHSA-2024:0789","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0789"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0843","reference_id":"RHSA-2024:0843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0880","reference_id":"RHSA-2024:0880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0954","reference_id":"RHSA-2024:0954","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0954"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1130","reference_id":"RHSA-2024:1130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1150","reference_id":"RHSA-2024:1150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1192","reference_id":"RHSA-2024:1192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1193","reference_id":"RHSA-2024:1193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1196","reference_id":"RHSA-2024:1196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1197","reference_id":"RHSA-2024:1197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1210","reference_id":"RHSA-2024:1210","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1210"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1557","reference_id":"RHSA-2024:1557","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1859","reference_id":"RHSA-2024:1859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2728","reference_id":"RHSA-2024:2728","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2735","reference_id":"RHSA-2024:2735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2768","reference_id":"RHSA-2024:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2988","reference_id":"RHSA-2024:2988","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2988"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3479","reference_id":"RHSA-2024:3479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3634","reference_id":"RHSA-2024:3634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3635","reference_id":"RHSA-2024:3635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3636","reference_id":"RHSA-2024:3636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3918","reference_id":"RHSA-2024:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4010","reference_id":"RHSA-2024:4010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4151","reference_id":"RHSA-2024:4151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4329","reference_id":"RHSA-2024:4329","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4479","reference_id":"RHSA-2024:4479","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4479"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4484","reference_id":"RHSA-2024:4484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4597","reference_id":"RHSA-2024:4597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4662","reference_id":"RHSA-2024:4662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4955","reference_id":"RHSA-2024:4955","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4959","reference_id":"RHSA-2024:4959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5200","reference_id":"RHSA-2024:5200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5432","reference_id":"RHSA-2024:5432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5433","reference_id":"RHSA-2024:5433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5438","reference_id":"RHSA-2024:5438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8235","reference_id":"RHSA-2024:8235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4664","reference_id":"RHSA-2025:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4664"},{"reference_url":"https://usn.ubuntu.com/6560-1/","reference_id":"USN-6560-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-1/"},{"reference_url":"https://usn.ubuntu.com/6560-2/","reference_id":"USN-6560-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6560-2/"},{"reference_url":"https://usn.ubuntu.com/6561-1/","reference_id":"USN-6561-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6561-1/"},{"reference_url":"https://usn.ubuntu.com/6585-1/","reference_id":"USN-6585-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6585-1/"},{"reference_url":"https://usn.ubuntu.com/6589-1/","reference_id":"USN-6589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6589-1/"},{"reference_url":"https://usn.ubuntu.com/6598-1/","reference_id":"USN-6598-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6598-1/"},{"reference_url":"https://usn.ubuntu.com/6738-1/","reference_id":"USN-6738-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6738-1/"},{"reference_url":"https://usn.ubuntu.com/7051-1/","reference_id":"USN-7051-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7051-1/"},{"reference_url":"https://usn.ubuntu.com/7292-1/","reference_id":"USN-7292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7292-1/"},{"reference_url":"https://usn.ubuntu.com/7297-1/","reference_id":"USN-7297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936062?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936063?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936064?format=json","purl":"pkg:deb/debian/putty@0.80-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.80-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2023-48795","GHSA-45x7-px36-x8w8"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jzn6-bzzf-nugp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79732?format=json","vulnerability_id":"VCID-k12n-wx13-9qb6","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9897","reference_id":"","reference_type":"","scores":[{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83421","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83402","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83213","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83229","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83243","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83267","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83276","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83292","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83286","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83281","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83317","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83318","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83319","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83342","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.8335","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83356","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01909","scoring_system":"epss","scoring_elements":"0.83381","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/6","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/6"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190404-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190404-0001/"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://www.debian.org/security/2019/dsa-4423","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4423"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9897","reference_id":"CVE-2019-9897","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9897"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936059?format=json","purl":"pkg:deb/debian/putty@0.70-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9897"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k12n-wx13-9qb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91340?format=json","vulnerability_id":"VCID-pdn3-ps7b-ekbx","summary":"Multiple integer overflows in the (1) sftp_pkt_getstring and (2) fxp_readdir_recv functions in the PSFTP and PSCP clients for PuTTY 0.56, and possibly earlier versions, allow remote malicious web sites to execute arbitrary code via SFTP responses that corrupt the heap after insufficient memory has been allocated.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0467","reference_id":"","reference_type":"","scores":[{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83681","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83481","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83493","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83509","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83533","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83542","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83557","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83551","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83581","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83582","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83583","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83607","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83615","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83619","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83643","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01973","scoring_system":"epss","scoring_elements":"0.83663","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0467"},{"reference_url":"http://secunia.com/advisories/14333","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/14333"},{"reference_url":"http://secunia.com/advisories/17214","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17214"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19403","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/19403"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416"},{"reference_url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-readdir.html"},{"reference_url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-sftp-string.html"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200502-28.xml"},{"reference_url":"http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.idefense.com/application/poi/display?id=201&type=vulnerabilities"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0467","reference_id":"CVE-2005-0467","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0467"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936049?format=json","purl":"pkg:deb/debian/putty@0.57-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.57-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2005-0467"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdn3-ps7b-ekbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/251379?format=json","vulnerability_id":"VCID-px5z-rr8a-4fea","summary":"PuTTY before 0.75 on Windows allows remote servers to cause a denial of service (Windows GUI hang) by telling the PuTTY window to change its title repeatedly at high speed, which results in many SetWindowTextA or SetWindowTextW calls. NOTE: the same attack methodology may affect some OS-level GUIs on Linux or other platforms for similar reasons.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33500","reference_id":"","reference_type":"","scores":[{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60776","published_at":"2026-05-09T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60561","published_at":"2026-04-01T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60635","published_at":"2026-04-02T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60664","published_at":"2026-04-04T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60634","published_at":"2026-04-07T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60682","published_at":"2026-04-08T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60698","published_at":"2026-04-09T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60723","published_at":"2026-04-21T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.6071","published_at":"2026-04-12T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.6069","published_at":"2026-04-13T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60733","published_at":"2026-04-16T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60739","published_at":"2026-04-18T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60711","published_at":"2026-04-24T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60724","published_at":"2026-04-26T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60716","published_at":"2026-04-29T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60672","published_at":"2026-05-05T12:55:00Z"},{"value":"0.004","scoring_system":"epss","scoring_elements":"0.60719","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33500"},{"reference_url":"https://security.archlinux.org/AVG-1978","reference_id":"AVG-1978","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1978"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936056?format=json","purl":"pkg:deb/debian/putty@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2021-33500"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-px5z-rr8a-4fea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/162510?format=json","vulnerability_id":"VCID-qjwh-5833-u3gq","summary":"Multiple untrusted search path vulnerabilities in Putty beta 0.67 allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) UxTheme.dll or (2) ntmarta.dll file in the current working directory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6167","reference_id":"","reference_type":"","scores":[{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30373","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30828","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30956","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.31004","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30879","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30909","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30912","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30824","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30855","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30835","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30799","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30518","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30434","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30294","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30365","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6167"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936056?format=json","purl":"pkg:deb/debian/putty@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2016-6167"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjwh-5833-u3gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49703?format=json","vulnerability_id":"VCID-u8f8-epv8-f3fy","summary":"Multiple vulnerabilities have been found in Putty, allowing\n    attackers to compromise user system","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4607","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17532","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17695","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17464","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17554","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17613","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17631","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17585","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17533","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17485","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1752","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1743","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17407","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17339","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17202","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17293","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17389","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4607"},{"reference_url":"https://security.gentoo.org/glsa/201308-01","reference_id":"GLSA-201308-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201308-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936051?format=json","purl":"pkg:deb/debian/putty@0.62-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.62-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2011-4607"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8f8-epv8-f3fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79730?format=json","vulnerability_id":"VCID-v36p-nzg5-xkep","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00004.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00020.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9894","reference_id":"","reference_type":"","scores":[{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75597","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75573","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.754","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75403","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75435","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75416","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75459","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75487","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75466","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75498","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75503","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75525","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75529","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75534","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00887","scoring_system":"epss","scoring_elements":"0.75544","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9894"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9894"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9898"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00023.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36LWQ3NPFIV7DC7TC4KFPRYRH2OR7SZ2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LDO3F267P347E6U2IILFCYW7JPTLCCES/"},{"reference_url":"https://seclists.org/bugtraq/2019/Apr/6","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Apr/6"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190404-0001/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190404-0001/"},{"reference_url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"},{"reference_url":"https://www.debian.org/security/2019/dsa-4423","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4423"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9894","reference_id":"CVE-2019-9894","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9894"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936059?format=json","purl":"pkg:deb/debian/putty@0.70-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.70-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-9894"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v36p-nzg5-xkep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51286?format=json","vulnerability_id":"VCID-vhrh-78g7-8uf8","summary":"Multiple vulnerabilities have been found in PuTTY, the worst of\n    which could lead to arbitrary code execution, or cause a Denial of Service\n    condition.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173021.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-December/173094.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-11/msg00099.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5309","reference_id":"","reference_type":"","scores":[{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82618","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82406","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82421","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82438","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82462","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82487","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82483","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82478","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82515","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82516","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.8252","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82542","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82552","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82557","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82577","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01736","scoring_system":"epss","scoring_elements":"0.82597","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5309"},{"reference_url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-ech-overflow.html"},{"reference_url":"http://www.debian.org/security/2015/dsa-3409","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3409"},{"reference_url":"http://www.securitytracker.com/id/1034308","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034308"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:simon_tatham:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5309","reference_id":"CVE-2015-5309","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-5309"},{"reference_url":"https://security.gentoo.org/glsa/201606-01","reference_id":"GLSA-201606-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201606-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936054?format=json","purl":"pkg:deb/debian/putty@0.66-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.66-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2015-5309"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vhrh-78g7-8uf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47175?format=json","vulnerability_id":"VCID-wgxn-vy57-pbhk","summary":"PuTTY contains a vulnerability allowing an SSH server to execute arbitrary\n    code on the connecting client.","references":[{"reference_url":"http://marc.info/?l=bugtraq&m=109889312917613&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=109889312917613&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1008","reference_id":"","reference_type":"","scores":[{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92744","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92662","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92669","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92685","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.9269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92696","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92695","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92708","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92707","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92712","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92716","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.9271","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92719","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92733","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1008"},{"reference_url":"http://secunia.com/advisories/12987/","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/12987/"},{"reference_url":"http://secunia.com/advisories/13012/","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/13012/"},{"reference_url":"http://secunia.com/advisories/17214","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17214"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17886","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17886"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416"},{"reference_url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/","reference_id":"","reference_type":"","scores":[],"url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml"},{"reference_url":"http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true","reference_id":"","reference_type":"","scores":[],"url":"http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true"},{"reference_url":"http://www.securityfocus.com/bid/11549","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/11549"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tortoisecvs:tortoisecvs:1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tortoisecvs:tortoisecvs:1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tortoisecvs:tortoisecvs:1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2004-1008","reference_id":"CVE-2004-1008","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-1008"},{"reference_url":"https://security.gentoo.org/glsa/200410-29","reference_id":"GLSA-200410-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200410-29"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936048?format=json","purl":"pkg:deb/debian/putty@0.56-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.56-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2004-1008"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgxn-vy57-pbhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31702?format=json","vulnerability_id":"VCID-wkyv-y23r-ubfe","summary":"Multiple vulnerabilities have been found in FileZilla, the worst of\n    which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4206","reference_id":"","reference_type":"","scores":[{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78323","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.7833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78361","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78344","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.7837","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78376","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78385","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78378","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78407","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78406","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78403","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78436","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78444","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78459","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78474","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78498","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01136","scoring_system":"epss","scoring_elements":"0.78514","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4208"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4852"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070","reference_id":"719070","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719070"},{"reference_url":"https://security.gentoo.org/glsa/201309-08","reference_id":"GLSA-201309-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201309-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936052?format=json","purl":"pkg:deb/debian/putty@0.63-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2013-4206"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wkyv-y23r-ubfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59784?format=json","vulnerability_id":"VCID-wt4y-m5m4-jyat","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2157","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31824","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31953","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31996","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31815","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31896","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.319","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3186","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31857","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31838","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3181","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31641","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31514","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3143","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31281","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31349","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31357","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-2157"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2157","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2157"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779488","reference_id":"779488","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779488"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936053?format=json","purl":"pkg:deb/debian/putty@0.63-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.63-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2015-2157"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wt4y-m5m4-jyat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94071?format=json","vulnerability_id":"VCID-y6nv-z5s2-jqds","summary":"PuTTY before 0.73 mishandles the \"bracketed paste mode\" protection mechanism, which may allow a session to be affected by malicious clipboard content.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00020.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00021.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00030.html"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17068","reference_id":"","reference_type":"","scores":[{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64544","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64499","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64328","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64382","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64411","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64372","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.6442","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64436","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64448","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64407","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64443","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64454","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64447","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64468","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64481","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64478","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64452","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17068"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17068","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17068"},{"reference_url":"https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191127-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191127-0003/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17068","reference_id":"CVE-2019-17068","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17068"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936058?format=json","purl":"pkg:deb/debian/putty@0.73-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.73-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-17068"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6nv-z5s2-jqds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197691?format=json","vulnerability_id":"VCID-ze9r-u2f1-mkfe","summary":"PuTTY before 0.73 on Windows improperly opens port-forwarding listening sockets, which allows attackers to listen on the same port to steal an incoming connection.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17067","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62923","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62824","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62703","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6276","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62791","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62755","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62806","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62823","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62841","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6283","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62807","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62847","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62855","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62835","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62871","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6287","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17067"},{"reference_url":"https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20191127-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20191127-0003/"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17067","reference_id":"CVE-2019-17067","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17067"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936056?format=json","purl":"pkg:deb/debian/putty@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"}],"aliases":["CVE-2019-17067"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze9r-u2f1-mkfe"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"}