Known Vulnerabilities for Openssh by Openbsd
Listed below are 10 of the newest known vulnerabilities associated with "Openssh" by "Openbsd".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-0964 | A malicious SCP server can send unexpected paths that could make the client application override local files outside of worki... | Not Provided | 2026-03-26 | 2026-03-26 |
| CVE-2021-41617 | sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation bec... | 7 - HIGH | 2021-09-26 | 2023-12-26 |
| CVE-2021-36368 | ** DISPUTED ** An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwa... | 3.7 - LOW | 2022-03-13 | 2023-11-07 |
| CVE-2021-28041 | ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained ... | 7.1 - HIGH | 2021-03-05 | 2023-11-07 |
| CVE-2020-15778 | ** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backt... | 7.8 - HIGH | 2020-07-24 | 2023-11-07 |
| CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm nego... | 5.9 - MEDIUM | 2020-06-29 | 2022-04-28 |
| CVE-2020-12062 | ** DISPUTED ** The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call fa... | 7.5 - HIGH | 2020-06-01 | 2023-11-07 |
| CVE-2019-16905 | OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer ove... | 7.8 - HIGH | 2019-10-09 | 2023-03-01 |
| CVE-2019-6111 | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which f... | 5.9 - MEDIUM | 2019-01-31 | 2023-11-07 |
| CVE-2019-6110 | In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Mi... | 6.8 - MEDIUM | 2019-01-31 | 2023-02-23 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openbsd | Openssh | 8.4 | - | All | All |
| Application | Openbsd | Openssh | 8.4 | p1 | All | All |
| Application | Openbsd | Openssh | 8.3 | All | All | All |
| Application | Openbsd | Openssh | 8.3 | - | All | All |
| Application | Openbsd | Openssh | 8.3 | p1 | All | All |
| Application | Openbsd | Openssh | 8.2 | All | All | All |
| Application | Openbsd | Openssh | 8.1 | - | All | All |
| Application | Openbsd | Openssh | 8.1 | p1 | All | All |
| Application | Openbsd | Openssh | 8.0 | - | All | All |
| Application | Openbsd | Openssh | 8.0 | p1 | All | All |
| Application | Openbsd | Openssh | 7.9 | - | All | All |
| Application | Openbsd | Openssh | 7.9 | p1 | All | All |
| Application | Openbsd | Openssh | 7.8 | - | All | All |
| Application | Openbsd | Openssh | 7.8 | p1 | All | All |
| Application | Openbsd | Openssh | 7.7 | - | All | All |
| Application | Openbsd | Openssh | 7.7 | p1 | All | All |
| Application | Openbsd | Openssh | 7.6 | - | All | All |
| Application | Openbsd | Openssh | 7.6 | p1 | All | All |
| Application | Openbsd | Openssh | 7.5 | All | All | All |
| Application | Openbsd | Openssh | 7.5 | - | All | All |