Max CVSS 5.8 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-6109 4.0
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes t
24-08-2020 - 17:37 31-01-2019 - 18:29
CVE-2018-20685 2.6
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
24-08-2020 - 17:37 10-01-2019 - 21:29
CVE-2019-6111 5.8
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned
24-08-2020 - 17:37 31-01-2019 - 18:29
Back to Top Mark selected
Back to Top