Known Vulnerabilities for Dropbear Ssh by Dropbear Ssh Project
Listed below are 10 of the newest known vulnerabilities associated with "Dropbear Ssh" by "Dropbear Ssh Project".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-3706 json | A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c... | Not Provided | 2026-03-08 | 2026-04-22 |
| CVE-2025-15638 json | Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt. Net::Dropbear versions before 0.14... | Not Provided | 2026-04-21 | 2026-04-21 |
| CVE-2023-48795 json | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote att... | Not Provided | 2023-12-18 | 2026-05-12 |
| CVE-2021-36369 json | An issue was discovered in Dropbear through 2020.81. Due to a non-RFC-compliant check of the available authentication methods... | 7.5 - HIGH | 2022-10-12 | 2023-01-20 |
| CVE-2020-36254 json | scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. | 8.1 - HIGH | 2021-02-25 | 2021-09-17 |
| CVE-2019-12953 json | Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different is... | 5.3 - MEDIUM | 2020-12-30 | 2021-07-21 |
| CVE-2018-15599 json | The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability... | 5.3 - MEDIUM | 2018-08-21 | 2020-12-30 |
| CVE-2017-9079 json | Not Provided | 2017-05-19 | 2025-04-20 | |
| CVE-2017-9078 json | Not Provided | 2017-05-19 | 2025-04-20 | |
| CVE-2017-2659 json | It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an inval... | 7.5 - HIGH | 2019-03-21 | 2019-10-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Dropbear Ssh Project | Dropbear Ssh | 2018.76 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2017.75 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2016.74 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2016.73 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2016.72 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.71 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.70 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.69 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.68 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2015.67 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.66 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.65 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.64 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2014.63 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.62 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.61 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.60 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.59 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.58 | |||
| Application | Dropbear Ssh Project | Dropbear Ssh | 2013.57 |