ssh 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に パス処理の欠陥 などに関し、一部は ファイル上書き を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-1999-1231 | ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server. | [email protected] | 5.0 | 1.48% | 1999-06-09 | 2026-06-16 |
| CVE-1999-1029 | SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs. | [email protected] | 7.5 | 1.57% | 1999-05-13 | 2026-06-16 |
| CVE-1999-0398 | In some instances of SSH 1.2.27 and 2.0.11 on Linux systems, SSH will allow users with expired accounts to login. | [email protected] | 4.6 | 0.39% | 1999-01-01 | 2026-06-16 |
| CVE-1999-0248 | A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials. | [email protected] | 10.0 | 1.60% | 1999-01-01 | 2026-06-16 |
| CVE-1999-1159 | SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root. | [email protected] | 4.6 | 0.34% | 1998-12-29 | 2026-06-16 |
| CVE-1999-0310 | SSH 1.2.25 on HP-UX allows access to new user accounts. | [email protected] | 7.5 | 1.49% | 1998-09-01 | 2026-06-16 |
| CVE-1999-1085 | SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack." | [email protected] | 5.0 | 3.16% | 1998-06-12 | 2026-06-16 |
| CVE-1999-0013 | Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. | [email protected] | 8.4 | 1.09% | 1998-01-22 | 2026-06-16 |