Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Openssh Number Of NVD 113 CRITICAL 5 HIGH 44 MEDIUM 53 LOW 11
URL https://www.openssh.com/
Explanation It is an SSH implementation developed by the OpenBSD project and used on many Unix and Linux systems.
It can also be used on Windows, as the OpenSSH client can be easily installed.
Tag
  • BSD License
  • オープンソース
Add Information URL
No Type Name URL
1 https://anongit.mindrot.org/openssh
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
51 OpenSSH 9 9.9p2 Feb. 18, 2025 April 8, 2022 2 2 5 0
52 OpenSSH 8 8.9 Feb. 23, 2022 April 17, 2019 2 7 6 1
53 OpenSSH 7 OpenSSH 7.9 Oct. 19, 2018 Aug. 11, 2015 2 12 17 1
54 OpenSSH 6 OpenSSH 6.9 July 1, 2015 April 22, 2012 2 14 23 2
55 OpenSSH 5 OpenSSH 5.9 Sept. 6, 2011 April 3, 2008 2 12 22 6
56 OpenSSH 4 OpenSSH 4.9 March 31, 2008 March 9, 2005 2 18 30 9
57 OpenSSH 3 OpenSSH 3.9 Aug. 18, 2004 Nov. 6, 2001 4 28 30 7
58 OpenSSH 8.4 8.4 1 3 5 1
59 OpenSSH 8.3 8.3 1 4 5 1
60 OpenSSH 8.2 8.2 1 5 5 1
61 OpenSSH 8.1 8.1 1 3 5 1
62 OpenSSH 8.0 8.0 1 4 5 1
63 OpenSSH 7.9 7.9 1 4 9 1
64 OpenSSH 7.8 7.8 1 4 10 1
65 OpenSSH 7.7 7.7 1 4 11 1
66 OpenSSH 7.6 7.6 1 3 11 1
67 OpenSSH 7.5 7.5 1 3 12 1
68 OpenSSH 7.4 7.4 1 3 12 1
69 OpenSSH 7.3 7.3 1 8 13 1
70 OpenSSH 7.2 7.2p2 March 10, 2016 1 10 15 1
71 OpenSSH 7.1 7.1p2 Jan. 14, 2016 2 11 17 1
72 OpenSSH 7.0 7.0 2 11 17 1
73 OpenSSH 6.9 6.9 2 13 18 2
74 OpenSSH 6.8 6.8 2 13 19 2
75 OpenSSH 6.7 6.7 2 11 17 2
76 OpenSSH 6.6 6.6 2 11 18 2
77 OpenSSH 6.5 6.5 2 11 19 2
78 OpenSSH 6.4 6.4 2 12 19 2
79 OpenSSH 6.3 6.3 2 12 20 2
80 OpenSSH 6.2 6.2p2 May 16, 2013 2 12 20 2
81 OpenSSH 6.1 6.1 2 11 20 2
82 OpenSSH 6.0 6.0 2 11 20 2
83 OpenSSH 5.9 5.9 2 11 20 2
84 OpenSSH 5.8p2 5.8p2 2 10 19 2
85 OpenSSH 5.8 5.8p2 May 3, 2011 2 11 20 4
86 OpenSSH 5.7 5.7 2 11 21 4
87 OpenSSH 5.6 5.6 2 12 20 5
88 OpenSSH 5.5 5.5 2 12 19 5
89 OpenSSH 5.4 5.4 2 12 19 5
90 OpenSSH 5.3 5.3 2 11 19 5
91 OpenSSH 5.2 5.2 2 11 19 5
92 OpenSSH 5.1 5.1 2 11 19 5
93 OpenSSH 5.0 5.0 2 11 19 6
94 OpenSSH 4.9 4.9 2 11 19 6
95 OpenSSH 4.8 4.8 2 11 21 6
96 OpenSSH 4.7p1 4.7p1 2 11 18 7
97 OpenSSH 4.7 4.7 2 11 20 7
98 OpenSSH 4.6 4.6 2 12 21 6
99 OpenSSH 4.5 4.5 2 14 22 7
100 OpenSSH 4.4p1 4.4p1 2 12 21 6
101 OpenSSH 4.4 4.4 2 15 21 6
102 OpenSSH 4.3p2 4.3p2 2 12 22 6
103 OpenSSH 4.3p1 4.3p1 2 13 21 6
104 OpenSSH 4.3 4.3p2 Feb. 11, 2006 2 16 24 6
105 OpenSSH 4.2p1 4.2p1 2 13 22 6
106 OpenSSH 4.2 4.2 2 16 22 6
107 OpenSSH 4.1p1 4.1p1 2 13 23 6
108 OpenSSH 4.1 4.1 2 16 23 7
109 OpenSSH 4.0p1 4.0p1 2 13 23 6
110 OpenSSH 4.0 4.0 2 16 25 6
111 OpenSSH 3.9 3.9.1p1 2 16 24 7
112 OpenSSH 3.8 3.8.1p1 2 16 25 7
113 OpenSSH 3.7 3.7.1p2 2 21 25 7
114 OpenSSH 3.6 3.6.1p2 2 21 26 7
115 OpenSSH 3.5p1 3.5p1 2 17 24 7
116 OpenSSH 3.5 3.5 2 20 26 7
117 OpenSSH 3.4p1 3.4p1 2 17 24 7
118 OpenSSH 3.4 3.4 2 20 26 7
119 OpenSSH 3.3p1 3.3p1 2 18 24 7
120 OpenSSH 3.3 3.3 3 21 26 7
121 OpenSSH 3.2 3.2.3p1 3 23 26 7
122 OpenSSH 3.1p1 3.1p1 2 18 24 7
123 OpenSSH 3.1 3.1 3 22 26 7
124 OpenSSH 3.0p1 3.0p1 2 19 24 7
125 OpenSSH 3.0 3.0.2p1 4 24 27 7
126 OpenSSH 2.9p2 2.9p2 4 23 23 6
127 OpenSSH 2.9p1 2.9p1 4 23 23 6
128 OpenSSH 2.9 2.9p2 June 17, 2001 3 27 24 6
129 OpenSSH 2.5 2.5.2p2 March 22, 2001 3 27 24 6
130 OpenSSH 2.3 2.3.0p1 Nov. 6, 2000 3 27 25 6
131 OpenSSH 2.2 2.2.0p1 Sept. 1, 2000 3 29 24 6
132 OpenSSH 2.1 2.1.1p4 July 16, 2000 3 29 25 6
133 OpenSSH 2 OpenSSH 2.9.9 Sept. 25, 2001 4 30 26 6
134 OpenSSH 1.5 1.5.8 2 23 22 6
135 OpenSSH 1.3 1.3 2 23 22 6
136 OpenSSH 1.2 1.2.3p1 March 24, 2000 2 27 28 7
137 OpenSSH 1 OpenSSH 1.2.3p1 March 24, 2000 2 27 28 7
138 OpenSSH - - 2 22 24 6
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
51 -
3.5 		LOW The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory co… CWE-189
Numeric Errors 		CVE-2011-5000 cpe:2.3:a:openbsd:openssh:5.7:*
cpe:2.3:a:openbsd:openssh:5.6:*
cpe:2.3:a:openbsd:openssh:5.5:*
cpe:2.3:a:open… 		5.8 2024-11-21 10:33
2012-04-5 		Show GitHub Exploit DB Packet Storm
52 -
3.5 		LOW The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain p… CWE-255
Credentials Management 		CVE-2012-0814 cpe:2.3:a:openbsd:openssh:5.5:*
cpe:2.3:a:openbsd:openssh:5.4:*
cpe:2.3:a:openbsd:openssh:5.3:*
cpe:2.3:a:open… 		5.6 2024-11-21 10:35
2012-01-28 		Show GitHub Exploit DB Packet Storm
53 -
4.0 		MEDIUM The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow… CWE-399
 Resource Management Errors 		CVE-2010-4755 cpe:2.3:a:openbsd:openssh:5.7:*
cpe:2.3:a:openbsd:openssh:5.6:*
cpe:2.3:a:openbsd:openssh:5.5:*
cpe:2.3:a:open… 		5.8 2024-11-21 10:21
2011-03-3 		Show GitHub Exploit DB Packet Storm
54 -
5.0 		MEDIUM The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which mi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2011-0539 cpe:2.3:a:openbsd:openssh:5.7:*
cpe:2.3:a:openbsd:openssh:5.6:* 		2024-11-21 10:24
2011-02-11 		Show GitHub Exploit DB Packet Storm
55 -
7.5 		HIGH OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared … CWE-287
Improper Authentication 		CVE-2010-4478 cpe:2.3:a:openbsd:openssh:5.5:*
cpe:2.3:a:openbsd:openssh:5.4:*
cpe:2.3:a:openbsd:openssh:5.3:*
cpe:2.3:a:open… 		5.6 2024-11-21 10:21
2010-12-7 		Show GitHub Exploit DB Packet Storm
56 -
6.9 		MEDIUM A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privilege… CWE-16
Configuration 		CVE-2009-2904 cpe:2.3:a:openbsd:openssh:4.8:*
cpe:2.3:a:openbsd:openssh:4.3:* 		2026-04-23 09:35
2009-10-2 		Show GitHub Exploit DB Packet Storm
57 -
2.6 		LOW Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.… CWE-200
Information Exposure 		CVE-2008-5161 cpe:2.3:a:openbsd:openssh:4.7p1:* 2026-04-23 09:35
2008-11-20 		Show GitHub Exploit DB Packet Storm
58 -
5.0 		MEDIUM A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal ha… CWE-264
NVD-CWE-noinfo
Permissions, Privileges, and Access Controls 		CVE-2008-4109 cpe:2.3:a:openbsd:openssh:4.4p1:*
cpe:2.3:a:openbsd:openssh:4.4:*
cpe:2.3:a:openbsd:openssh:4.3p2:*
cpe:2.3:a:…
4.3p2
4.6

2026-04-23 09:35
2008-09-19 		Show GitHub Exploit DB Packet Storm
59 -
1.2 		LOW OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a b… CWE-200
Information Exposure 		CVE-2008-3259 cpe:2.3:a:openbsd:openssh:4.9:*
cpe:2.3:a:openbsd:openssh:4.8:*
cpe:2.3:a:openbsd:openssh:4.7:*
cpe:2.3:a:open… 		5.0 2026-04-23 09:35
2008-07-23 		Show GitHub Exploit DB Packet Storm
60 -
6.5 		MEDIUM sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, follo… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-3234 cpe:2.3:a:openbsd:openssh:4.0:* 2026-04-23 09:35
2008-07-19 		Show GitHub Exploit DB Packet Storm