Known Vulnerabilities for Dropbear Ssh by Dropbear Ssh Project
Listed below are 10 of the newest known vulnerabilities associated with "Dropbear Ssh" by "Dropbear Ssh Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2025-15638 json | Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14... | Not Provided | 2026-04-21 | 2026-04-21 |
| CVE-2023-48795 json | 5.9 - MEDIUM | 2023-12-18 | 2024-03-13 | |
| CVE-2021-36369 json | An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods... | 7.5 - HIGH | 2022-10-12 | 2023-01-20 |
| CVE-2020-36254 json | scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. | 8.1 - HIGH | 2021-02-25 | 2021-09-17 |
| CVE-2019-12953 json | Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different is... | 5.3 - MEDIUM | 2020-12-30 | 2021-07-21 |
| CVE-2018-15599 json | The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability... | 5.3 - MEDIUM | 2018-08-21 | 2020-12-30 |
| CVE-2017-9079 json | Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file forma... | 4.7 - MEDIUM | 2017-05-19 | 2019-10-04 |
| CVE-2017-9078 json | The server in Dropbear before 2017.75 might allow post-authentication root remote code execution because of a double free in ... | 8.8 - HIGH | 2017-05-19 | 2022-07-11 |
| CVE-2017-2659 json | It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an inval... | 7.5 - HIGH | 2019-03-21 | 2019-10-09 |
| CVE-2016-7409 json | The dbclient and server in Dropbear SSH before 2016.74, when compiled with DEBUG_TRACE, allows local users to read process me... | 5.5 - MEDIUM | 2017-03-03 | 2017-03-04 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dropbear Ssh Project | Dropbear Ssh | 2018.76 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2017.75 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2016.74 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2016.73 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2016.72 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.71 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.70 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.69 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.68 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.67 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.66 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.65 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.64 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.63 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.62 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.61 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.60 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.59 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.58 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.57 |