Filtered by vendor Openssh
Subscriptions
Filtered by product Openssh
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-39894 | 1 Openssh | 1 Openssh | 2025-07-12 | 7.5 High |
| OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur. | ||||
| CVE-2023-35812 | 1 Openssh | 1 Openssh | 2025-03-25 | 5.3 Medium |
| An issue was discovered in the Amazon Linux packages of OpenSSH 7.4 for Amazon Linux 1 and 2, because of an incomplete fix for CVE-2019-6111 within these specific packages. The fix had only covered cases where an absolute path is passed to scp. When a relative path is used, there is no verification that the name of a file received by the client matches the file requested. Fixed packages are available with numbers 7.4p1-22.78.amzn1 and 7.4p1-22.amzn2.0.2. | ||||
Page 1 of 1.