pkg:Alpine/openssh
30 total CVEsCRITICAL2HIGH10MEDIUM14LOW4
✅ Check your installed version
All known vulnerabilities
- from 0, < 9.0_p1-r4
- CRITICAL9.8CVE-2023-28531ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints.from 0, < 9.0_p1-r3
- from 0, < 9.1_p1-r6
- HIGH7.8CVE-2016-10012The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds chec…from 0, < 7.4_p1-r0
- from 0, < 6.8_p1-r10
- from 0, < 6.8_p1-r8
- HIGH7.4CVE-2020-15778scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destina…from 0, < 8.3_p1-r0
- HIGH7.3CVE-2016-10009Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PK…from 0, < 7.4_p1-r0
- HIGH7.1CVE-2021-28041ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket a…from 0, < 8.3_p1-r2
- HIGH7.0CVE-2023-51767OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer va…from 0, < 9.7_p1-r0
- from 0, < 8.1_p1-r1
- HIGH7.0CVE-2016-10010sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local u…from 0, < 7.4_p1-r0
- from 0, < 9.3_p2-r3
- from 0, < 7.9_p1-r3
- MEDIUM6.5CVE-2023-51385In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is refer…from 0, < 9.0_p1-r5
- from 0, < 9.6_p1-r2
- MEDIUM5.9CVE-2023-48795Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapinfrom 0, < 9.0_p1-r5
- MEDIUM5.9CVE-2020-14145The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.from 0, < 8.3_p1-r1
- from 0, < 7.9_p1-r3
- from 0, < 6.8_p1-r7
- MEDIUM5.5CVE-2023-51384In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied.from 0, < 9.0_p1-r5
- MEDIUM5.5CVE-2016-10011authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local user…from 0, < 7.4_p1-r0
- from 0, < 7.9_p1-r3
- from 0, < 7.7_p1-r4
- MEDIUM5.3CVE-2017-15906The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows…from 0, < 7.5_p1-r8
- MEDIUM5.3CVE-2016-1907The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds…from 0, < 6.8_p1-r10
- from 0, < 10.0_p1-r0
- from 0, < 8.9_p1-r0
- LOW3.6CVE-2025-61985ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.from 0, < 10.0_p1-r10
- LOW3.6CVE-2025-61984ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leadi…from 0, < 10.0_p1-r10