| Max CVSS | 5.8 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-6111 | 5.8 |
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned
|
24-03-2023 - 18:12 | 31-01-2019 - 18:29 | |
| CVE-2019-6110 | 4.0 |
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transfe
|
23-02-2023 - 23:29 | 31-01-2019 - 18:29 | |
| CVE-2019-6109 | 4.0 |
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes t
|
23-02-2023 - 23:16 | 31-01-2019 - 18:29 |