pkg:Debian/openssh
126 total CVEsCRITICAL5HIGH30MEDIUM38LOW7
✅ Check your installed version
All known vulnerabilities
- from 0, < 1:8.4p1-5+deb11u2
- from 0, < 1:7.9p1-10+deb10u3
- CRITICAL9.8CVE-2023-28531ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints.from 0, < 1:9.2p1-2+deb12u2
- CRITICAL9.8CVE-2016-1908The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for ac…from 0, < 1:7.2p1-1
- CRITICAL9.8CVE-2002-0639Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentic…from 0, < 1:3.4
- HIGH8.1CVE-2026-35414OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with…from 0, < 1:8.4p1-5+deb11u7
- HIGH8.1CVE-2026-35386In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line.from 0, < 1:8.4p1-5+deb11u7
- HIGH8.1CVE-2026-35385In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the…from 0, < 1:8.4p1-5+deb11u7
- from 0, < 1:9.2p1-2+deb12u3
- from 0, < 1:9.2p1-2+deb12u3
- HIGH8.1CVE-2016-0778The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when cert…from 0, < 1:7.1p2-1
- HIGH8.1CVE-2015-5600The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-inter…from 0, < 1:6.9p1-1
- from 0, < 1:4.3p2-9etch3
- from 0, < 1:4.6p1-1
- HIGH7.8CVE-2019-16905OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a cli…from 0, < 1:8.1p1-1
- HIGH7.8CVE-2016-10012The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds chec…from 0, < 1:7.4p1-1
- from 0, < 1:6.0p1-4+deb7u4
- from 0, < 1:7.2p2-3
- HIGH7.5CVE-2024-39894OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an Ob…from 0, < 1:9.8p1-1
- HIGH7.5CVE-2020-12062The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicio…from 0, < 1:8.3p1-1
- from 0, < 1:6.0p1-4+deb7u7
- from 0, < 1:7.4p1-1
- HIGH7.5CVE-2016-8858The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory con…from 0, < 1:7.3p1-2
- from 0, < 1:6.0p1-4+deb7u6
- from 0, < 1:7.3p1-1
- HIGH7.5CVE-2010-5107The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login,…from 0, < 1:6.0p1-4
- HIGH7.5CVE-2011-0539The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option…from 0, < 1:5.8p1-2
- HIGH7.5CVE-2008-0166OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable…from 0, < 4.7p1-9
- HIGH7.4CVE-2020-15778scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destina…from 0
- HIGH7.3CVE-2016-10009Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PK…from 0, < 1:7.4p1-1
- HIGH7.1CVE-2021-28041ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket a…from 0, < 1:8.4p1-5
- from 0, < 1:7.9p1-10+deb10u4
- from 0, < 1:8.4p1-5+deb11u3
- HIGH7.0CVE-2016-10010sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local u…from 0, < 1:7.4p1-1
- HIGH7.0CVE-2015-6564Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms mig…from 0, < 1:6.9p1-1
- from 0, < 1:8.4p1-5+deb11u4
- from 0, < 1:8.4p1-5+deb11u4
- from 0, < 1:9.2p1-2+deb12u5
- MEDIUM6.8CVE-2019-6110In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker)…from 0
- from 0, < 1:7.9p1-6
- from 0, < 1:8.4p1-5+deb11u7
- MEDIUM6.5CVE-2023-51385In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is refer…from 0, < 1:8.4p1-5+deb11u3
- MEDIUM6.5CVE-2023-25136OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling.from 0, < 1:9.2p1-1
- from 0, < 1:6.0p1-4+deb7u3
- from 0, < 1:5.5p1-6+squeeze8
- from 0, < 1:7.1p2-1
- MEDIUM6.5CVE-2014-2653The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHF…from 0, < 1:6.6p1-1
- MEDIUM6.5CVE-2012-0814The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command…from 0, < 1:5.6p1-1
- MEDIUM6.4CVE-2016-3115Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended sh…from 0, < 1:7.2p2-1
- MEDIUM6.4CVE-2015-6563The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX r…from 0, < 1:6.9p1-1
- from 0, < 1:9.9p2-1
- MEDIUM5.9CVE-2023-48795Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapinfrom 0, < 1:8.4p1-5+deb11u3
- MEDIUM5.9CVE-2023-48795Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapinfrom 0, < 1:8.4p1-5+deb11u3
- MEDIUM5.9CVE-2020-14145The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.from 0
- from 0, < 1:7.9p1-9
- from 0, < 1:7.4p1-10+deb9u6
- from 0, < 1:6.7p1-5+deb8u3
- from 0, < 1:6.0p1-4+deb7u5
- from 0, < 1:7.2p2-6
- MEDIUM5.5CVE-2023-51384In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied.from 0, < 1:9.2p1-2+deb12u2
- MEDIUM5.5CVE-2016-10011authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local user…from 0, < 1:7.4p1-1
- MEDIUM5.3CVE-2016-20012OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH…from 0
- from 0, < 1:7.4p1-10+deb9u5
- from 0, < 1:7.9p1-5
- from 0, < 1:6.7p1-5+deb8u8
- MEDIUM5.3CVE-2018-15919Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a tar…from 0
- from 0, < 1:7.7p1-4
- from 0, < 1:6.7p1-5+deb8u5
- from 0, < 1:7.4p1-10+deb9u4
- MEDIUM5.3CVE-2017-15906The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows…from 0, < 1:7.6p1-1
- MEDIUM5.3CVE-2016-1907The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds…from 0, < 1:7.1p2-1
- from 0, < 1:6.6p1-1
- from 0, < 1:5.5p1-6+squeeze5
- from 0, < 1:8.4p1-5+deb11u5
- from 0, < 1:8.4p1-5+deb11u5
- from 0
- LOW3.7CVE-2008-5161Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through…from 0, < 1:5.1p1-5
- LOW3.6CVE-2025-61985ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.from 0, < 1:8.4p1-5+deb11u7
- LOW3.6CVE-2025-61984ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leadi…from 0, < 1:8.4p1-5+deb11u7
- LOW2.5CVE-2026-35388OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.from 0, < 1:8.4p1-5+deb11u7
- from 0, < 1:8.4p1-5+deb11u6
- from 0, < 1:6.7p1-5+deb8u6
- from 0, < 1:6.9p1-1
- from 0, < 1:5.5p1-6+squeeze6
- —CVE-2013-4548The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initi…from 0, < 1:6.4p1-1
- —CVE-2011-5000The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote…from 0, < 1:5.9p1-1
- —CVE-2008-4109A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE us…from 0, < 1:4.6p1-1
- —CVE-2008-3234sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary S…from 0
- —CVE-2008-2285The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it…from 0, < 1:4.7p1-10
- —CVE-2008-1657OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .…from 0, < 1:4.7p1-8
- —CVE-2008-1483OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even…from 0, < 1:4.7p1-5
- from 0, < 1:4.3p2-9etch2
- from 0, < 1:4.7p1-1
- —CVE-2007-2768OpenSSH, when using OPIE (One-Time Passwords in Everything) for PAM, allows remote attackers to determine the existence of certain user acc…from 0
- —CVE-2007-2243OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accoun…from 0
- —CVE-2006-5794Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has…from 0, < 1:4.3p2-6
- —CVE-2006-4925packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAU…from 0, < 1:5.1p1-5
- —CVE-2006-5052Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity…from 0, < 1:4.6p1-1
- from 0, < 1:3.8.1p1-8.sarge.6
- from 0, < 1:4.3p2-4
- from 0, < 1:3.8.1p1-8.sarge.6
- —CVE-2006-0883OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authenti…from 0, < 1:3.8.1p1-4
- —CVE-2006-0225scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are ex…from 0, < 1:4.3p2-1
- —CVE-2005-2798sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in usin…from 0, < 1:4.2p1-1
- —CVE-2005-2797OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not pro…from 0, < 1:4.2p1-1
- —CVE-2005-2666SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the…from 0, < 1:4.0p1-1
- —CVE-2004-2760sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct…from 0, < 1:3.6p1-1
- —CVE-2004-2069sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privil…from 0, < 1:3.8p1
- —CVE-2004-0175Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files.from 0, < 1:3.9p1-1
- —CVE-2003-1562sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a…from 0, < 1:3.8.1p1-8.sarge.4
- —CVE-2003-0787The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attacker…from 0, < 1:3.7.1p2
- —CVE-2003-0786The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the resu…from 0, < 1:3.7.1p2
- from 0, < 1:3.4p1-1.woody.3
- from 0, < 1:3.4p1-1.woody.3
- from 0, < 1:3.6.1p2-9
- —CVE-2003-0695Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code usin…from 0, < 1:3.7.1
- from 0, < 1:3.4p1-1.woody.2
- from 0, < 1:3.4p1-1.1
- from 0, < 1:3.6.1p2-6.0
- —CVE-2003-0386OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attac…from 0, < 1:3.8p1-1
- —CVE-2003-0190OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, whic…from 0, < 1:3.8.1p1-8.sarge.4
- —CVE-2002-0765sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in w…from 0, < 1:3.3p1-0.0woody1
- —CVE-2002-0640Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses d…from 0, < 1:3.4
- —CVE-2001-1507OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.from 0, < 1:3.0.1
- —CVE-2001-1459OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allow…from 0, < 1:3.0.1p1-1
- —CVE-2000-0992Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a ..from 0, < 1:3.9p1-1