Approved changes feed: RSS · Atom

cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*

part: a version: 6.8 update: p1

VendorOpenbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5)
ProductOpenssh (00fc4953-faf7-5f04-8d3d-4edd44206199)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/openssh/openssh-portable purl2cpe 2026-06-01 10:17:38.304595
pkg:mindrot/openss purl2cpe 2026-06-01 10:17:38.304596
pkg:openbsd/openssh purl2cpe 2026-06-01 10:17:38.304597
pkg:rpm/fedora/openssh purl2cpe 2026-06-01 10:17:38.304599
pkg:rpm/opensuse/openssh purl2cpe 2026-06-01 10:17:38.304600

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-26465 vulnerable 2026-06-08 07:12:51.658288 Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled
MEDIUM (6.8)
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
Published: 2025-02-18T18:27:16.843Z
Updated: 2026-05-12T12:04:14.721Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-1907 vulnerable 2026-06-08 05:07:32.278375 Details available
The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.
Published: 2016-01-19T00:00:00.000Z
Updated: 2024-08-05T23:10:39.956Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-0778 vulnerable 2026-06-08 05:07:16.232628 Details available
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
Published: 2016-01-14T00:00:00.000Z
Updated: 2026-05-29T20:28:32.960Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-0777 vulnerable 2026-06-08 05:07:16.227487 Details available
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Published: 2016-01-14T00:00:00.000Z
Updated: 2026-05-29T20:30:01.702Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.