Approved changes feed: RSS · Atom
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Openbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5) |
|---|---|
| Product | Openssh (00fc4953-faf7-5f04-8d3d-4edd44206199) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/openssh/openssh-portable |
purl2cpe | 2026-06-01 10:17:38.303001 |
pkg:mindrot/openss |
purl2cpe | 2026-06-01 10:17:38.303002 |
pkg:openbsd/openssh |
purl2cpe | 2026-06-01 10:17:38.303004 |
pkg:rpm/fedora/openssh |
purl2cpe | 2026-06-01 10:17:38.303005 |
pkg:rpm/opensuse/openssh |
purl2cpe | 2026-06-01 10:17:38.303007 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-35414 |
vulnerable | 2026-06-08 07:59:13.856792 |
Details available
MEDIUM (4.2)
OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.
Published: 2026-04-02T17:08:15.628Z
Updated: 2026-04-02T18:17:04.391Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-35388 |
vulnerable | 2026-06-08 07:59:13.822934 |
Details available
LOW (2.5)
OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.
Published: 2026-04-02T16:57:31.073Z
Updated: 2026-04-02T18:16:41.820Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-35387 |
vulnerable | 2026-06-08 07:59:13.822563 |
Details available
LOW (3.1)
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
Published: 2026-04-02T16:52:53.623Z
Updated: 2026-04-03T13:07:56.358Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-35386 |
vulnerable | 2026-06-08 07:59:13.822205 |
Details available
LOW (3.6)
In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.
Published: 2026-04-02T16:44:27.806Z
Updated: 2026-04-03T03:55:45.599Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-35385 |
vulnerable | 2026-06-08 07:59:13.821784 |
Details available
HIGH (7.5)
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).
Published: 2026-04-02T16:30:59.615Z
Updated: 2026-06-30T12:09:03.911Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-61985 |
vulnerable | 2026-06-08 07:37:28.497932 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-61984 |
vulnerable | 2026-06-08 07:37:28.497625 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-32728 |
vulnerable | 2026-06-08 07:19:00.698781 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-26465 |
vulnerable | 2026-06-08 07:12:51.656502 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-6387 |
vulnerable | 2026-06-08 06:58:19.187075 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51767 |
vulnerable | 2026-06-08 06:17:53.887613 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51385 |
vulnerable | 2026-06-08 06:16:17.420073 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-51384 |
vulnerable | 2026-06-08 06:16:17.418910 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-48795 |
vulnerable | 2026-06-08 06:14:28.106548 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-38408 |
vulnerable | 2026-06-08 06:08:17.841433 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28531 |
vulnerable | 2026-06-08 06:01:11.062540 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-41617 |
vulnerable | 2026-06-08 05:35:20.833690 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-36368 |
vulnerable | 2026-06-08 05:32:52.090535 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-28041 |
vulnerable | 2026-06-08 05:31:22.874345 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-15778 |
vulnerable | 2026-06-08 05:19:26.544994 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-14145 |
vulnerable | 2026-06-08 05:18:02.093451 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6111 |
vulnerable | 2026-06-08 05:14:08.765531 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6110 |
vulnerable | 2026-06-08 05:14:08.763783 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-6109 |
vulnerable | 2026-06-08 05:14:08.740010 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-16905 |
vulnerable | 2026-06-08 05:13:09.563259 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-20685 |
vulnerable | 2026-06-08 05:11:27.736970 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-15919 |
vulnerable | 2026-06-08 05:11:03.810081 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2018-15473 |
vulnerable | 2026-06-08 05:10:54.508780 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-15906 |
vulnerable | 2026-06-08 05:08:59.689589 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-20012 |
vulnerable | 2026-06-08 05:07:32.512979 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-1908 |
vulnerable | 2026-06-08 05:07:32.282086 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-10708 |
vulnerable | 2026-06-08 05:07:25.603516 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-10012 |
vulnerable | 2026-06-08 05:07:17.028074 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-10011 |
vulnerable | 2026-06-08 05:07:17.027588 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-10010 |
vulnerable | 2026-06-08 05:07:17.027081 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-10009 |
vulnerable | 2026-06-08 05:07:17.026461 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-6564 |
vulnerable | 2026-06-08 05:06:52.729603 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-6563 |
vulnerable | 2026-06-08 05:06:52.729145 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-5600 |
vulnerable | 2026-06-08 05:06:50.517021 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2015-5352 |
vulnerable | 2026-06-08 05:06:49.737142 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-2653 |
vulnerable | 2026-06-08 05:05:29.468732 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-2532 |
vulnerable | 2026-06-08 05:05:29.050915 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2014-1692 |
vulnerable | 2026-06-08 05:05:25.929787 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2012-0814 |
vulnerable | 2026-06-08 05:00:45.483458 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-5000 |
vulnerable | 2026-06-08 04:59:34.138432 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4327 |
vulnerable | 2026-06-08 04:59:30.642483 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-5107 |
vulnerable | 2026-06-08 04:56:32.266958 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-4755 |
vulnerable | 2026-06-08 04:56:30.603412 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-4478 |
vulnerable | 2026-06-08 04:56:28.565186 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-4109 |
vulnerable | 2026-06-08 04:50:37.868103 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-3844 |
vulnerable | 2026-06-08 04:50:36.860930 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2008-3259 |
vulnerable | 2026-06-08 04:50:33.749777 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-4752 |
vulnerable | 2026-06-08 04:49:57.101454 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2007-2768 |
vulnerable | 2026-06-08 04:49:45.966996 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-5794 |
vulnerable | 2026-06-08 04:49:21.312570 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2006-5051 |
vulnerable | 2026-06-08 04:49:19.576575 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2004-1653 |
vulnerable | 2026-06-08 04:47:54.721442 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2003-0695 |
vulnerable | 2026-06-08 04:47:22.266284 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2003-0693 |
vulnerable | 2026-06-08 04:47:22.236123 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2003-0682 |
vulnerable | 2026-06-08 04:47:22.204650 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2003-0190 |
vulnerable | 2026-06-08 04:47:20.955179 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2002-0639 |
vulnerable | 2026-06-08 04:46:21.869515 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2002-0083 |
vulnerable | 2026-06-08 04:46:20.594736 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2001-1382 |
vulnerable | 2026-06-08 04:46:19.789944 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2001-1380 |
vulnerable | 2026-06-08 04:46:19.789599 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2001-0872 |
vulnerable | 2026-06-08 04:45:20.958357 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2001-0816 |
vulnerable | 2026-06-08 04:45:20.845219 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2001-0529 |
vulnerable | 2026-06-08 04:45:20.402355 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2000-0143 |
vulnerable | 2026-06-08 04:44:58.401473 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.