[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-3857":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":31,"aliases":32,"duplicate_of":9,"upstream":33,"downstream":34,"duplicates":77,"related":78,"reserved_at":9,"published_at":88,"modified_at":89,"state":90,"summary":91,"references_raw":100,"kevs":179,"epss":180,"epss_history":183,"metrics":439,"affected":456},"CVE-2019-3857","An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",null,[11,24],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","weakness","Stable","Base","Medium",[20],{"id":21,"name":22,"techniques":23},"CAPEC-92","Forced Integer Overflow",[],{"_key":25,"id":25,"name":26,"description":27,"type":15,"status":28,"abstraction":17,"likelihood_of_exploit":29,"capec":30},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","Draft","High",[],[],[],[],[35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75],{"_key":36},"ALPINE-CVE-2019-3857",{"_key":38},"RHSA-2019:0679",{"_key":40},"RHSA-2019:1652",{"_key":42},"RHSA-2019:1791",{"_key":44},"RHSA-2019:1943",{"_key":46},"RHSA-2019:2399",{"_key":48},"SUSE-SU-2019:0655-1",{"_key":50},"SUSE-SU-2019:13982-1",{"_key":52},"SUSE-SU-2019:13997-1",{"_key":54},"SUSE-SU-2020:3551-1",{"_key":56},"OPENSUSE-SU-2019:1109-1",{"_key":58},"OPENSUSE-SU-2020:2126-1",{"_key":60},"OPENSUSE-SU-2020:2129-1",{"_key":62},"OPENSUSE-SU-2024:10999-1",{"_key":64},"DLA-1730-1",{"_key":66},"DSA-4431-1",{"_key":68},"MGASA-2019-0139",{"_key":70},"UBUNTU-CVE-2019-3857",{"_key":72},"DEBIAN-CVE-2019-3857",{"_key":74},"USN-5308-1",{"_key":76},"RHSA-2019:1175",[],[79,80,81,82,83,84,85,86,87],{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},{"_key":68},"2019-03-25T18:30:56.000Z","2025-04-23T19:48:11.114Z","Modified",{"cisa_kev":92,"cisa_ransomware":92,"cisa_vendor":9,"epss_severity":93,"epss_score":94,"severity":95,"severity_score":96,"severity_version":97,"severity_source":98,"severity_vector":99,"severity_status":90},false,"low",0.04756,"high",8.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",[101,110,116,122,126,131,136,140,145,150,155,159,163,167,171,175],{"url":102,"sources":103,"tags":105},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857",[104,98],"cve.org",[106,107,108,109],"X Refsource CONFIRM","Issue Tracking","Patch","Third Party Advisory",{"url":111,"sources":112,"tags":113},"https://www.libssh2.org/CVE-2019-3857.html",[104,98],[114,108,115],"X Refsource MISC","Vendor Advisory",{"url":117,"sources":118,"tags":119},"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html",[104,98],[120,121,109],"Mailing List","X Refsource MLIST",{"url":123,"sources":124,"tags":125},"https://security.netapp.com/advisory/ntap-20190327-0005/",[104,98],[106,109],{"url":127,"sources":128,"tags":129},"https://access.redhat.com/errata/RHSA-2019:0679",[104,98],[115,130,109],"X Refsource REDHAT",{"url":132,"sources":133,"tags":134},"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html",[104,98],[115,135,120,109],"X Refsource SUSE",{"url":137,"sources":138,"tags":139},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html",[104,98],[115,135,109],{"url":141,"sources":142,"tags":143},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/",[104,98],[115,144],"X Refsource FEDORA",{"url":146,"sources":147,"tags":148},"https://www.debian.org/security/2019/dsa-4431",[104,98],[115,149,109],"X Refsource DEBIAN",{"url":151,"sources":152,"tags":153},"https://seclists.org/bugtraq/2019/Apr/25",[104,98],[120,154,109],"X Refsource BUGTRAQ",{"url":156,"sources":157,"tags":158},"https://access.redhat.com/errata/RHSA-2019:1175",[104,98],[115,130,109],{"url":160,"sources":161,"tags":162},"https://access.redhat.com/errata/RHSA-2019:1652",[104,98],[115,130,109],{"url":164,"sources":165,"tags":166},"https://access.redhat.com/errata/RHSA-2019:1791",[104,98],[115,130,109],{"url":168,"sources":169,"tags":170},"https://access.redhat.com/errata/RHSA-2019:1943",[104,98],[115,130,109],{"url":172,"sources":173,"tags":174},"https://access.redhat.com/errata/RHSA-2019:2399",[104,98],[115,130,109],{"url":176,"sources":177,"tags":178},"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",[104,98],[114,108,109],[],{"date":181,"score":94,"percentile":182},"2026-06-04",0.89626,[184,188,192,195,198,201,204,207,209,212,215,218,220,223,225,229,232,235,237,240,242,245,248,250,252,255,258,261,264,267,269,272,275,278,281,283,286,289,292,295,298,301,303,305,308,311,314,316,318,320,323,326,329,332,335,338,341,344,347,350,352,355,358,361,363,365,369,372,374,377,380,383,386,388,391,393,397,400,404,407,410,413,416,420,422,425,428,431,434,436],{"date":185,"score":186,"percentile":187},"2025-11-04",0.03505,0.87098,{"date":189,"score":190,"percentile":191},"2025-11-05",0.03107,0.86302,{"date":193,"score":190,"percentile":194},"2025-11-06",0.86301,{"date":196,"score":190,"percentile":197},"2025-11-07",0.8631,{"date":199,"score":190,"percentile":200},"2025-11-08",0.86313,{"date":202,"score":190,"percentile":203},"2025-11-09",0.86307,{"date":205,"score":190,"percentile":206},"2025-11-10",0.86308,{"date":208,"score":190,"percentile":200},"2025-11-11",{"date":210,"score":190,"percentile":211},"2025-11-12",0.8632,{"date":213,"score":190,"percentile":214},"2025-11-13",0.86326,{"date":216,"score":190,"percentile":217},"2025-11-14",0.86328,{"date":219,"score":190,"percentile":211},"2025-11-15",{"date":221,"score":190,"percentile":222},"2025-11-16",0.86321,{"date":224,"score":190,"percentile":197},"2025-11-17",{"date":226,"score":227,"percentile":228},"2025-11-18",0.03789,0.86937,{"date":230,"score":227,"percentile":231},"2025-11-19",0.86939,{"date":233,"score":227,"percentile":234},"2025-11-20",0.86941,{"date":236,"score":190,"percentile":222},"2025-11-21",{"date":238,"score":190,"percentile":239},"2025-11-22",0.86316,{"date":241,"score":190,"percentile":197},"2025-11-23",{"date":243,"score":190,"percentile":244},"2025-11-24",0.86311,{"date":246,"score":190,"percentile":247},"2025-11-25",0.86312,{"date":249,"score":190,"percentile":244},"2025-11-26",{"date":251,"score":190,"percentile":200},"2025-11-27",{"date":253,"score":190,"percentile":254},"2025-11-28",0.86295,{"date":256,"score":190,"percentile":257},"2025-11-29",0.86366,{"date":259,"score":190,"percentile":260},"2025-11-30",0.86364,{"date":262,"score":190,"percentile":263},"2025-12-01",0.86416,{"date":265,"score":190,"percentile":266},"2025-12-02",0.86418,{"date":268,"score":190,"percentile":266},"2025-12-03",{"date":270,"score":190,"percentile":271},"2025-12-04",0.86357,{"date":273,"score":190,"percentile":274},"2025-12-05",0.86359,{"date":276,"score":190,"percentile":277},"2025-12-06",0.86355,{"date":279,"score":190,"percentile":280},"2025-12-07",0.86345,{"date":282,"score":190,"percentile":280},"2025-12-08",{"date":284,"score":190,"percentile":285},"2025-12-09",0.86353,{"date":287,"score":190,"percentile":288},"2025-12-10",0.86375,{"date":290,"score":186,"percentile":291},"2025-12-11",0.87211,{"date":293,"score":186,"percentile":294},"2025-12-12",0.87217,{"date":296,"score":186,"percentile":297},"2025-12-13",0.87215,{"date":299,"score":186,"percentile":300},"2025-12-14",0.87209,{"date":302,"score":186,"percentile":300},"2025-12-15",{"date":304,"score":186,"percentile":294},"2025-12-16",{"date":306,"score":186,"percentile":307},"2025-12-17",0.8722,{"date":309,"score":186,"percentile":310},"2025-12-18",0.87229,{"date":312,"score":186,"percentile":313},"2025-12-19",0.8723,{"date":315,"score":186,"percentile":310},"2025-12-20",{"date":317,"score":186,"percentile":313},"2025-12-21",{"date":319,"score":186,"percentile":313},"2025-12-22",{"date":321,"score":186,"percentile":322},"2025-12-23",0.87232,{"date":324,"score":186,"percentile":325},"2025-12-24",0.87238,{"date":327,"score":186,"percentile":328},"2025-12-25",0.87252,{"date":330,"score":186,"percentile":331},"2025-12-26",0.87251,{"date":333,"score":186,"percentile":334},"2025-12-27",0.87298,{"date":336,"score":186,"percentile":337},"2025-12-28",0.87246,{"date":339,"score":186,"percentile":340},"2025-12-29",0.8724,{"date":342,"score":186,"percentile":343},"2025-12-30",0.87248,{"date":345,"score":186,"percentile":346},"2025-12-31",0.87259,{"date":348,"score":186,"percentile":349},"2026-01-01",0.87318,{"date":351,"score":186,"percentile":349},"2026-01-02",{"date":353,"score":186,"percentile":354},"2026-01-03",0.87319,{"date":356,"score":186,"percentile":357},"2026-01-04",0.87253,{"date":359,"score":186,"percentile":360},"2026-01-05",0.87249,{"date":362,"score":186,"percentile":331},"2026-01-06",{"date":364,"score":186,"percentile":331},"2026-01-07",{"date":366,"score":367,"percentile":368},"2026-01-08",0.03441,0.8714,{"date":370,"score":367,"percentile":371},"2026-01-09",0.87139,{"date":373,"score":367,"percentile":368},"2026-01-10",{"date":375,"score":367,"percentile":376},"2026-01-11",0.87133,{"date":378,"score":367,"percentile":379},"2026-01-12",0.8713,{"date":381,"score":367,"percentile":382},"2026-01-13",0.87129,{"date":384,"score":367,"percentile":385},"2026-01-14",0.87141,{"date":387,"score":367,"percentile":371},"2026-01-15",{"date":389,"score":367,"percentile":390},"2026-01-16",0.87145,{"date":392,"score":367,"percentile":390},"2026-01-17",{"date":394,"score":395,"percentile":396},"2026-01-18",0.04475,0.88755,{"date":398,"score":395,"percentile":399},"2026-01-19",0.88752,{"date":401,"score":402,"percentile":403},"2026-01-20",0.02592,0.85187,{"date":405,"score":402,"percentile":406},"2026-01-21",0.85192,{"date":408,"score":402,"percentile":409},"2026-01-22",0.85196,{"date":411,"score":402,"percentile":412},"2026-01-23",0.85208,{"date":414,"score":402,"percentile":415},"2026-01-24",0.85219,{"date":417,"score":418,"percentile":419},"2026-01-25",0.03533,0.87333,{"date":421,"score":418,"percentile":419},"2026-01-26",{"date":423,"score":418,"percentile":424},"2026-01-27",0.87334,{"date":426,"score":418,"percentile":427},"2026-01-28",0.87336,{"date":429,"score":418,"percentile":430},"2026-01-29",0.8734,{"date":432,"score":418,"percentile":433},"2026-01-30",0.87342,{"date":435,"score":418,"percentile":433},"2026-01-31",{"date":437,"score":418,"percentile":438},"2026-02-01",0.8741,[440,447],{"source":104,"cvss_v2_0":9,"cvss_v3_0":441,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":442,"baseSeverity":443,"vectorString":444,"impactScore":445,"exploitabilityScore":446},7.5,"HIGH","CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",9.8,4.1,{"source":98,"cvss_v2_0":448,"cvss_v3_0":453,"cvss_v3_1":454,"cvss_v4_0":9},{"baseScore":449,"baseSeverity":9,"vectorString":450,"impactScore":451,"exploitabilityScore":452},6.8,"AV:N/AC:M/Au:N/C:P/I:P/A:P",6.4,8.6,{"baseScore":442,"baseSeverity":443,"vectorString":444,"impactScore":445,"exploitabilityScore":446},{"baseScore":96,"baseSeverity":443,"vectorString":99,"impactScore":445,"exploitabilityScore":455},7.2,[457,468,474,484,491,499,508,514,520,525,531,536,541,546],{"ecosystem":9,"name":458,"vendor":459,"product":460,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":462},"debian linux","debian","debian_linux","o",[463,466],{"version":464,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"version":467,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":469,"vendor":470,"product":469,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":471},"fedora","fedoraproject",[472],{"version":473,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"28",{"ecosystem":9,"name":475,"vendor":475,"product":475,"cpe_part":476,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":477},"libssh2","a",[478],{"version":479,"is_range":480,"range_type":465,"version_start":481,"version_start_type":482,"version_end":483,"version_end_type":482,"fixed_in":9},"gte1.2.8_lte1.8.0",true,"1.2.8","including","1.8.0",{"ecosystem":9,"name":485,"vendor":486,"product":487,"cpe_part":476,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":488},"ontap select deploy administration utility","netapp","ontap_select_deploy_administration_utility",[489],{"version":490,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":492,"vendor":493,"product":492,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"leap","opensuse",[495,497],{"version":496,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":498,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":500,"vendor":501,"product":502,"cpe_part":476,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":503},"peoplesoft enterprise peopletools","oracle","peoplesoft_enterprise_peopletools",[504,506],{"version":505,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.56",{"version":507,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.57",{"ecosystem":9,"name":509,"vendor":510,"product":511,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":512},"enterprise linux","redhat","enterprise_linux",[513],{"version":464,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":515,"vendor":510,"product":516,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":517},"enterprise linux desktop","enterprise_linux_desktop",[518],{"version":519,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":521,"vendor":510,"product":522,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":523},"enterprise linux server","enterprise_linux_server",[524],{"version":519,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":526,"vendor":510,"product":527,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":528},"enterprise linux server aus","enterprise_linux_server_aus",[529],{"version":530,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.6",{"ecosystem":9,"name":532,"vendor":510,"product":533,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":534},"enterprise linux server eus","enterprise_linux_server_eus",[535],{"version":530,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":537,"vendor":510,"product":538,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":539},"enterprise linux server tus","enterprise_linux_server_tus",[540],{"version":530,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":542,"vendor":510,"product":543,"cpe_part":461,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":544},"enterprise linux workstation","enterprise_linux_workstation",[545],{"version":519,"is_range":92,"range_type":465,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":475,"vendor":547,"product":475,"cpe_part":476,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":548},"the libssh2 project",[549],{"version":550,"is_range":92,"range_type":104,"version_start":550,"version_start_type":482,"version_end":550,"version_end_type":482,"fixed_in":9},"1.8.1"]