Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Openssh Number Of NVD 113 CRITICAL 5 HIGH 44 MEDIUM 53 LOW 11
URL https://www.openssh.com/
Explanation It is an SSH implementation developed by the OpenBSD project and used on many Unix and Linux systems.
It can also be used on Windows, as the OpenSSH client can be easily installed.
Tag
  • BSD License
  • オープンソース
Add Information URL
No Type Name URL
1 https://anongit.mindrot.org/openssh
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
91 OpenSSH 9 9.9p2 Feb. 18, 2025 April 8, 2022 2 2 5 0
92 OpenSSH 8 8.9 Feb. 23, 2022 April 17, 2019 2 7 6 1
93 OpenSSH 7 OpenSSH 7.9 Oct. 19, 2018 Aug. 11, 2015 2 12 17 1
94 OpenSSH 6 OpenSSH 6.9 July 1, 2015 April 22, 2012 2 14 23 2
95 OpenSSH 5 OpenSSH 5.9 Sept. 6, 2011 April 3, 2008 2 12 22 6
96 OpenSSH 4 OpenSSH 4.9 March 31, 2008 March 9, 2005 2 18 30 9
97 OpenSSH 3 OpenSSH 3.9 Aug. 18, 2004 Nov. 6, 2001 4 28 30 7
98 OpenSSH 8.4 8.4 1 3 5 1
99 OpenSSH 8.3 8.3 1 4 5 1
100 OpenSSH 8.2 8.2 1 5 5 1
101 OpenSSH 8.1 8.1 1 3 5 1
102 OpenSSH 8.0 8.0 1 4 5 1
103 OpenSSH 7.9 7.9 1 4 9 1
104 OpenSSH 7.8 7.8 1 4 10 1
105 OpenSSH 7.7 7.7 1 4 11 1
106 OpenSSH 7.6 7.6 1 3 11 1
107 OpenSSH 7.5 7.5 1 3 12 1
108 OpenSSH 7.4 7.4 1 3 12 1
109 OpenSSH 7.3 7.3 1 8 13 1
110 OpenSSH 7.2 7.2p2 March 10, 2016 1 10 15 1
111 OpenSSH 7.1 7.1p2 Jan. 14, 2016 2 11 17 1
112 OpenSSH 7.0 7.0 2 11 17 1
113 OpenSSH 6.9 6.9 2 13 18 2
114 OpenSSH 6.8 6.8 2 13 19 2
115 OpenSSH 6.7 6.7 2 11 17 2
116 OpenSSH 6.6 6.6 2 11 18 2
117 OpenSSH 6.5 6.5 2 11 19 2
118 OpenSSH 6.4 6.4 2 12 19 2
119 OpenSSH 6.3 6.3 2 12 20 2
120 OpenSSH 6.2 6.2p2 May 16, 2013 2 12 20 2
121 OpenSSH 6.1 6.1 2 11 20 2
122 OpenSSH 6.0 6.0 2 11 20 2
123 OpenSSH 5.9 5.9 2 11 20 2
124 OpenSSH 5.8p2 5.8p2 2 10 19 2
125 OpenSSH 5.8 5.8p2 May 3, 2011 2 11 20 4
126 OpenSSH 5.7 5.7 2 11 21 4
127 OpenSSH 5.6 5.6 2 12 20 5
128 OpenSSH 5.5 5.5 2 12 19 5
129 OpenSSH 5.4 5.4 2 12 19 5
130 OpenSSH 5.3 5.3 2 11 19 5
131 OpenSSH 5.2 5.2 2 11 19 5
132 OpenSSH 5.1 5.1 2 11 19 5
133 OpenSSH 5.0 5.0 2 11 19 6
134 OpenSSH 4.9 4.9 2 11 19 6
135 OpenSSH 4.8 4.8 2 11 21 6
136 OpenSSH 4.7p1 4.7p1 2 11 18 7
137 OpenSSH 4.7 4.7 2 11 20 7
138 OpenSSH 4.6 4.6 2 12 21 6
139 OpenSSH 4.5 4.5 2 14 22 7
140 OpenSSH 4.4p1 4.4p1 2 12 21 6
141 OpenSSH 4.4 4.4 2 15 21 6
142 OpenSSH 4.3p2 4.3p2 2 12 22 6
143 OpenSSH 4.3p1 4.3p1 2 13 21 6
144 OpenSSH 4.3 4.3p2 Feb. 11, 2006 2 16 24 6
145 OpenSSH 4.2p1 4.2p1 2 13 22 6
146 OpenSSH 4.2 4.2 2 16 22 6
147 OpenSSH 4.1p1 4.1p1 2 13 23 6
148 OpenSSH 4.1 4.1 2 16 23 7
149 OpenSSH 4.0p1 4.0p1 2 13 23 6
150 OpenSSH 4.0 4.0 2 16 25 6
151 OpenSSH 3.9 3.9.1p1 2 16 24 7
152 OpenSSH 3.8 3.8.1p1 2 16 25 7
153 OpenSSH 3.7 3.7.1p2 2 21 25 7
154 OpenSSH 3.6 3.6.1p2 2 21 26 7
155 OpenSSH 3.5p1 3.5p1 2 17 24 7
156 OpenSSH 3.5 3.5 2 20 26 7
157 OpenSSH 3.4p1 3.4p1 2 17 24 7
158 OpenSSH 3.4 3.4 2 20 26 7
159 OpenSSH 3.3p1 3.3p1 2 18 24 7
160 OpenSSH 3.3 3.3 3 21 26 7
161 OpenSSH 3.2 3.2.3p1 3 23 26 7
162 OpenSSH 3.1p1 3.1p1 2 18 24 7
163 OpenSSH 3.1 3.1 3 22 26 7
164 OpenSSH 3.0p1 3.0p1 2 19 24 7
165 OpenSSH 3.0 3.0.2p1 4 24 27 7
166 OpenSSH 2.9p2 2.9p2 4 23 23 6
167 OpenSSH 2.9p1 2.9p1 4 23 23 6
168 OpenSSH 2.9 2.9p2 June 17, 2001 3 27 24 6
169 OpenSSH 2.5 2.5.2p2 March 22, 2001 3 27 24 6
170 OpenSSH 2.3 2.3.0p1 Nov. 6, 2000 3 27 25 6
171 OpenSSH 2.2 2.2.0p1 Sept. 1, 2000 3 29 24 6
172 OpenSSH 2.1 2.1.1p4 July 16, 2000 3 29 25 6
173 OpenSSH 2 OpenSSH 2.9.9 Sept. 25, 2001 4 30 26 6
174 OpenSSH 1.5 1.5.8 2 23 22 6
175 OpenSSH 1.3 1.3 2 23 22 6
176 OpenSSH 1.2 1.2.3p1 March 24, 2000 2 27 28 7
177 OpenSSH 1 OpenSSH 1.2.3p1 March 24, 2000 2 27 28 7
178 OpenSSH - - 2 22 24 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
91 9.8
10.0 		CRITICAL
Network 		Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is usin… CWE-190
 Integer Overflow or Wraparound 		CVE-2002-0639 cpe:2.3:a:openbsd:openssh:*:* 2.9.9 3.3 2024-02-9 03:37
2002-07-3 		Show GitHub Exploit DB Packet Storm
92 -
10.0 		HIGH Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is usin… NVD-CWE-Other
CVE-2002-0640 cpe:2.3:a:openbsd:openssh:3.3p1:*
cpe:2.3:a:openbsd:openssh:3.3:*
cpe:2.3:a:openbsd:openssh:3.2:*
cpe:2.3:a:op… 		2024-07-1 20:15
2002-07-3 		Show GitHub Exploit DB Packet Storm
93 -
7.5 		HIGH Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privile… NVD-CWE-Other
CVE-2002-0575 cpe:2.3:a:openbsd:openssh:3.2:*
cpe:2.3:a:openbsd:openssh:3.1:*
cpe:2.3:a:openbsd:openssh:3.0:*
cpe:2.3:a:open… 		2016-10-18 11:20
2002-06-18 		Show GitHub Exploit DB Packet Storm
94 9.8
10.0 		CRITICAL
Network 		Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. CWE-193
 Off-by-one Error 		CVE-2002-0083 cpe:2.3:a:openbsd:openssh:*:* 2.0 3.1 2024-02-2 11:52
2002-03-15 		Show GitHub Exploit DB Packet Storm
95 -
7.5 		HIGH OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged. NVD-CWE-Other
CVE-2001-1507 cpe:2.3:a:openbsd:openssh:3.0p1:*
cpe:2.3:a:openbsd:openssh:3.0:* 		2008-09-11 04:10
2001-12-31 		Show GitHub Exploit DB Packet Storm
96 -
6.8 		MEDIUM SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure t… CWE-287
Improper Authentication 		CVE-2001-1585 cpe:2.3:a:openbsd:openssh:2.3.1:* 2017-07-29 10:29
2001-12-31 		Show GitHub Exploit DB Packet Storm
97 -
7.2 		HIGH OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. NVD-CWE-Other
CVE-2001-0872 cpe:2.3:a:openbsd:openssh:*:* 3.0.1 2018-05-3 10:29
2001-12-21 		Show GitHub Exploit DB Packet Storm
98 -
7.5 		HIGH OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands. NVD-CWE-Other
CVE-2001-0816 cpe:2.3:a:openbsd:openssh:*:* 2.9.9 2017-10-10 10:29
2001-12-6 		Show GitHub Exploit DB Packet Storm
99 -
7.5 		HIGH OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow… NVD-CWE-Other
CVE-2001-1380 cpe:2.3:a:openbsd:openssh:*:* 2.9.9 2018-05-3 10:29
2001-10-18 		Show GitHub Exploit DB Packet Storm
100 -
5.0 		MEDIUM The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers t… NVD-CWE-Other
CVE-2001-1382 cpe:2.3:a:openbsd:openssh:*:* 2.9.9p2 2008-09-6 05:26
2001-09-27 		Show GitHub Exploit DB Packet Storm