Vulnerabilities

This page lists vulnerabilities in SSH clients and servers as well as SSH relevant programs of the last years.

Note

Only vulnerabilities, which are included in SSH-MITM, are listed.

The vulnerabilities are divided into 4 categories to show the risk.

Severity	Base Score Range	Description
none	0.0	No risk or not a vulnerability
low	0.1-3.9	Low risk
medium	4.0-6.9	Medium risk
high	7.0-10.0	High risk

• OpenSSH
  • CVSS 3.7 CVE-2021-36368
  • CVSS 7.8 CVE-2020-15778
  • CVSS 5.9 CVE-2020-14145
  • CVSS 5.9 CVE-2019-6111
  • CVSS 6.8 CVE-2019-6110
  • CVSS 6.8 CVE-2019-6109
  • CVSS 5.3 CVE-2016-20012
• PuTTY
  • CVSS 8.1 CVE-2021-36367
  • CVSS 7.5 CVE-2021-33500
  • CVSS 5.9 CVE-2020-14002
• Dropbear
  • CVSS 8.1 CVE-2021-36369
• WinSCP
  • CVSS 5.9 CVE-2019-6111
  • CVSS 6.8 CVE-2019-6110
  • CVSS 6.8 CVE-2019-6109
• Midnight Commander
  • CVSS 7.5 CVE-2021-36370
• rsync
  • CVSS 7.4 CVE-2022-29154
  • CVSS 0.0 CVE-2021-3755
• Rust
  • CVSS 5.3 CVE-2022-46176
• MobaXterm
  • CVSS 8.1 CVE-2022-38336
  • CVSS 9.1 CVE-2022-38337