Approved changes feed: RSS · Atom

cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*

part: a version: 6.3 update: *

VendorOpenbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5)
ProductOpenssh (00fc4953-faf7-5f04-8d3d-4edd44206199)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:github/openssh/openssh-portable purl2cpe 2026-06-01 10:17:38.304468
pkg:mindrot/openss purl2cpe 2026-06-01 10:17:38.304470
pkg:openbsd/openssh purl2cpe 2026-06-01 10:17:38.304472
pkg:rpm/fedora/openssh purl2cpe 2026-06-01 10:17:38.304473
pkg:rpm/opensuse/openssh purl2cpe 2026-06-01 10:17:38.304474

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2016-0778 vulnerable 2026-06-08 05:07:16.232448 Details available
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
Published: 2016-01-14T00:00:00.000Z
Updated: 2026-05-29T20:28:32.960Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2016-0777 vulnerable 2026-06-08 05:07:16.221818 Details available
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Published: 2016-01-14T00:00:00.000Z
Updated: 2026-05-29T20:30:01.702Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-2653 vulnerable 2026-06-08 05:05:29.468815 Details available
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
Published: 2014-03-27T10:00:00.000Z
Updated: 2026-05-28T17:43:51.825Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2014-2532 vulnerable 2026-06-08 05:05:29.053403 Details available
sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.
Published: 2014-03-18T01:00:00.000Z
Updated: 2026-05-28T17:41:16.444Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2013-4548 vulnerable 2026-06-08 05:04:48.171758 Details available
The mm_newkeys_from_blob function in monitor_wrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet data that provides a crafted callback address.
Published: 2013-11-08T15:00:00.000Z
Updated: 2024-08-06T16:45:15.154Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.