openssh vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the openssh package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Improper Neutralization of Null Byte or NUL Character	<1:10.1p1-1
L Failure to Sanitize Special Element	<1:10.1p1-1
L CVE-2025-32728	<1:10.0p1-1
M Allocation of Resources Without Limits or Throttling	<1:9.9p2-1
M Detection of Error Condition Without Action	<1:9.9p2-1
L CVE-2024-39894	<1:9.8p1-1
H Race Condition	<1:9.7p1-7
M OS Command Injection	<1:9.6p1-1
M CVE-2023-51384	<1:9.6p1-1
M Improper Validation of Integrity Check Value	<1:9.6p1-1
C Unquoted Search Path or Element	<1:9.3p2-1
C CVE-2023-28531	<1:9.3p1-1
M Double Free	<1:9.2p1-1
L Improper Authentication	<1:8.9p1-1
H Improper Privilege Management	<1:8.7p1-1
L CVE-2016-20012	*
H Double Free	<1:8.4p1-5
L OS Command Injection	*
L Information Exposure	*
L Improper Input Validation	<1:8.3p1-1
L Integer Overflow or Wraparound	<1:8.1p1-1
M Improper Encoding or Escaping of Output	<1:7.9p1-6
L Inappropriate Encoding for Output Context	*
M Directory Traversal	<1:7.9p1-9
M Incorrect Authorization	<1:7.9p1-5
L Information Exposure	*
M Race Condition	<1:7.7p1-4
H NULL Pointer Dereference	<1:7.4p1-1
L Incorrect Permission Assignment for Critical Resource	<1:7.6p1-1
C Security Features	<1:7.2p1-1
M Information Exposure	<1:7.2p2-6
L Access Restriction Bypass	<1:7.4p1-1
L Key Management Errors	<1:7.4p1-1
L Untrusted Search Path	<1:7.4p1-1
L Out-of-Bounds	<1:7.4p1-1
H Resource Management Errors	<1:7.3p1-2
H Improper Input Validation	<1:7.3p1-1
H Access Restriction Bypass	<1:7.2p2-3
M CVE-2016-3115	<1:7.2p2-1
M Out-of-Bounds	<1:7.1p2-1
M Information Exposure	<1:7.1p2-1
H Out-of-Bounds	<1:7.1p2-1
H Access Restriction Bypass	<1:6.9p1-1
L Improper Input Validation	<1:6.9p1-1
H Access Restriction Bypass	<1:6.9p1-1
M Access Restriction Bypass	<1:6.9p1-1
L Improper Input Validation	<1:6.6p1-1
M Access Restriction Bypass	<1:6.6p1-1
M Access Restriction Bypass	<1:6.4p1-1
L CVE-2010-5107	<1:6.0p1-4
L Numeric Errors	<1:5.9p1-1
L Credentials Management	<1:5.6p1-1
M Access Restriction Bypass	<1:5.8p1-2
L Information Exposure	<1:5.1p1-5
L Access Restriction Bypass	<1:4.6p1-1
L Access Restriction Bypass	*
M Cryptographic Issues	<1:4.7p1-10
H Cryptographic Issues	<4.7p1-9
L Access Restriction Bypass	<1:4.7p1-8
H Access Restriction Bypass	<1:4.7p1-5
L Improper Input Validation	<1:4.7p1-1
L Information Exposure	*
L Improper Authentication	*
L CVE-2006-5794	<1:4.3p2-6
L CVE-2006-4925	<1:5.1p1-5
L Race Condition	<1:4.6p1-1
L CVE-2006-5052	<1:4.6p1-1
L Resource Management Errors	<1:4.3p2-4
M Resource Management Errors	<1:3.8.1p1-4
L CVE-2006-0225	<1:4.3p2-1
L CVE-2005-2798	<1:4.2p1-1
L CVE-2005-2797	<1:4.2p1-1
L Credentials Management	<1:4.0p1-1
L Configuration	<1:3.6p1-1
M CVE-2004-2069	<1:3.8p1
L Directory Traversal	<1:3.9p1-1
L Race Condition	<1:3.8.1p1-8.sarge.4
H CVE-2003-0787	<1:3.7.1p2
C CVE-2003-0786	<1:3.7.1p2
H CVE-2003-0682	<1:3.6.1p2-9
H CVE-2003-0695	<1:3.7.1
C CVE-2003-0693	<1:3.6.1p2-6.0
H CVE-2003-0386	<1:3.8p1-1
M CVE-2003-0190	<1:3.8.1p1-8.sarge.4
H CVE-2002-0765	<1:3.3p1-0.0woody1
H CVE-2002-0640	<1:3.4
H CVE-2002-0639	<1:3.4
H CVE-2001-1507	<1:3.0.1
H CVE-2001-1459	<1:3.0.1p1-1
L CVE-2000-0992	<1:3.9p1-1

Vulnerability

Vulnerable Version

Improper Neutralization of Null Byte or NUL Character

<1:10.1p1-1