[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-3858":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":59,"related":60,"reserved_at":9,"published_at":70,"modified_at":71,"state":72,"summary":73,"references_raw":82,"kevs":167,"epss":168,"epss_history":171,"metrics":431,"affected":448},"CVE-2019-3858","An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57],{"_key":28},"ALPINE-CVE-2019-3858",{"_key":30},"RHSA-2019:2136",{"_key":32},"SUSE-SU-2019:0655-1",{"_key":34},"SUSE-SU-2019:13982-1",{"_key":36},"SUSE-SU-2019:13997-1",{"_key":38},"SUSE-SU-2020:3551-1",{"_key":40},"OPENSUSE-SU-2019:1109-1",{"_key":42},"OPENSUSE-SU-2020:2126-1",{"_key":44},"OPENSUSE-SU-2020:2129-1",{"_key":46},"OPENSUSE-SU-2024:10999-1",{"_key":48},"DLA-1730-1",{"_key":50},"DSA-4431-1",{"_key":52},"MGASA-2019-0139",{"_key":54},"UBUNTU-CVE-2019-3858",{"_key":56},"DEBIAN-CVE-2019-3858",{"_key":58},"USN-5308-1",[],[61,62,63,64,65,66,67,68,69],{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":52},"2019-03-21T20:22:47.000Z","2024-08-04T19:19:18.593Z","Modified",{"cisa_kev":74,"cisa_ransomware":74,"cisa_vendor":9,"epss_severity":75,"epss_score":76,"severity":77,"severity_score":78,"severity_version":79,"severity_source":80,"severity_vector":81,"severity_status":72},false,"low",0.02187,"critical",9.1,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",[83,92,97,103,109,114,119,124,128,132,136,141,145,149,154,158,163],{"url":84,"sources":85,"tags":87},"http://www.openwall.com/lists/oss-security/2019/03/18/3",[86,80],"cve.org",[88,89,90,91],"Mailing List","X Refsource MLIST","Patch","Third Party Advisory",{"url":93,"sources":94,"tags":95},"https://seclists.org/bugtraq/2019/Mar/25",[86,80],[88,96,91],"X Refsource BUGTRAQ",{"url":98,"sources":99,"tags":100},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858",[86,80],[101,102,90,91],"X Refsource CONFIRM","Issue Tracking",{"url":104,"sources":105,"tags":106},"https://www.libssh2.org/CVE-2019-3858.html",[86,80],[107,90,108],"X Refsource MISC","Vendor Advisory",{"url":110,"sources":111,"tags":112},"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html",[86,80],[107,91,113],"VDB Entry",{"url":115,"sources":116,"tags":117},"http://www.securityfocus.com/bid/107485",[86,80],[113,118,91],"X Refsource BID",{"url":120,"sources":121,"tags":122},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/",[86,80],[108,123],"X Refsource FEDORA",{"url":125,"sources":126,"tags":127},"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767",[86,80],[101,91],{"url":129,"sources":130,"tags":131},"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html",[86,80],[88,89,91],{"url":133,"sources":134,"tags":135},"https://security.netapp.com/advisory/ntap-20190327-0005/",[86,80],[101,91],{"url":137,"sources":138,"tags":139},"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html",[86,80],[108,140,88,91],"X Refsource SUSE",{"url":142,"sources":143,"tags":144},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html",[86,80],[108,140,91],{"url":146,"sources":147,"tags":148},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/",[86,80],[108,123],{"url":150,"sources":151,"tags":152},"https://www.debian.org/security/2019/dsa-4431",[86,80],[108,153],"X Refsource DEBIAN",{"url":155,"sources":156,"tags":157},"https://seclists.org/bugtraq/2019/Apr/25",[86,80],[88,96],{"url":159,"sources":160,"tags":161},"https://access.redhat.com/errata/RHSA-2019:2136",[86,80],[108,162],"X Refsource REDHAT",{"url":164,"sources":165,"tags":166},"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",[86,80],[107],[],{"date":169,"score":76,"percentile":170},"2026-06-04",0.84683,[172,176,179,182,185,188,191,194,197,200,203,206,208,211,213,217,219,222,225,228,231,234,236,239,242,244,247,250,253,256,259,262,265,267,269,272,275,278,282,285,288,290,292,295,298,301,304,306,309,312,314,317,320,322,325,328,331,334,336,339,342,345,348,351,353,356,359,362,365,368,371,373,376,378,381,384,388,391,395,398,401,404,406,410,413,416,419,422,425,428],{"date":173,"score":174,"percentile":175},"2025-11-04",0.01677,0.81538,{"date":177,"score":174,"percentile":178},"2025-11-05",0.81541,{"date":180,"score":174,"percentile":181},"2025-11-06",0.81543,{"date":183,"score":174,"percentile":184},"2025-11-07",0.81553,{"date":186,"score":174,"percentile":187},"2025-11-08",0.81559,{"date":189,"score":174,"percentile":190},"2025-11-09",0.81556,{"date":192,"score":174,"percentile":193},"2025-11-10",0.81551,{"date":195,"score":174,"percentile":196},"2025-11-11",0.81558,{"date":198,"score":174,"percentile":199},"2025-11-12",0.8157,{"date":201,"score":174,"percentile":202},"2025-11-13",0.81576,{"date":204,"score":174,"percentile":205},"2025-11-14",0.81581,{"date":207,"score":174,"percentile":202},"2025-11-15",{"date":209,"score":174,"percentile":210},"2025-11-16",0.81577,{"date":212,"score":174,"percentile":202},"2025-11-17",{"date":214,"score":215,"percentile":216},"2025-11-18",0.02833,0.84919,{"date":218,"score":215,"percentile":216},"2025-11-19",{"date":220,"score":215,"percentile":221},"2025-11-20",0.84925,{"date":223,"score":174,"percentile":224},"2025-11-21",0.81593,{"date":226,"score":174,"percentile":227},"2025-11-22",0.81597,{"date":229,"score":174,"percentile":230},"2025-11-23",0.8159,{"date":232,"score":174,"percentile":233},"2025-11-24",0.81589,{"date":235,"score":174,"percentile":230},"2025-11-25",{"date":237,"score":174,"percentile":238},"2025-11-26",0.81592,{"date":240,"score":174,"percentile":241},"2025-11-27",0.816,{"date":243,"score":174,"percentile":233},"2025-11-28",{"date":245,"score":174,"percentile":246},"2025-11-29",0.81596,{"date":248,"score":174,"percentile":249},"2025-11-30",0.81602,{"date":251,"score":174,"percentile":252},"2025-12-01",0.81677,{"date":254,"score":174,"percentile":255},"2025-12-02",0.8168,{"date":257,"score":174,"percentile":258},"2025-12-03",0.81678,{"date":260,"score":174,"percentile":261},"2025-12-04",0.81599,{"date":263,"score":174,"percentile":264},"2025-12-05",0.81606,{"date":266,"score":174,"percentile":264},"2025-12-06",{"date":268,"score":174,"percentile":264},"2025-12-07",{"date":270,"score":174,"percentile":271},"2025-12-08",0.81608,{"date":273,"score":174,"percentile":274},"2025-12-09",0.81626,{"date":276,"score":174,"percentile":277},"2025-12-10",0.81653,{"date":279,"score":280,"percentile":281},"2025-12-11",0.02228,0.84037,{"date":283,"score":280,"percentile":284},"2025-12-12",0.84044,{"date":286,"score":280,"percentile":287},"2025-12-13",0.84038,{"date":289,"score":280,"percentile":281},"2025-12-14",{"date":291,"score":280,"percentile":287},"2025-12-15",{"date":293,"score":280,"percentile":294},"2025-12-16",0.84045,{"date":296,"score":280,"percentile":297},"2025-12-17",0.84051,{"date":299,"score":280,"percentile":300},"2025-12-18",0.84057,{"date":302,"score":280,"percentile":303},"2025-12-19",0.84062,{"date":305,"score":280,"percentile":300},"2025-12-20",{"date":307,"score":280,"percentile":308},"2025-12-21",0.84056,{"date":310,"score":280,"percentile":311},"2025-12-22",0.84052,{"date":313,"score":280,"percentile":300},"2025-12-23",{"date":315,"score":280,"percentile":316},"2025-12-24",0.84067,{"date":318,"score":280,"percentile":319},"2025-12-25",0.84082,{"date":321,"score":280,"percentile":319},"2025-12-26",{"date":323,"score":280,"percentile":324},"2025-12-27",0.8413,{"date":326,"score":280,"percentile":327},"2025-12-28",0.84071,{"date":329,"score":280,"percentile":330},"2025-12-29",0.84064,{"date":332,"score":280,"percentile":333},"2025-12-30",0.8407,{"date":335,"score":280,"percentile":319},"2025-12-31",{"date":337,"score":280,"percentile":338},"2026-01-01",0.84151,{"date":340,"score":280,"percentile":341},"2026-01-02",0.84149,{"date":343,"score":280,"percentile":344},"2026-01-03",0.84143,{"date":346,"score":76,"percentile":347},"2026-01-04",0.83916,{"date":349,"score":76,"percentile":350},"2026-01-05",0.8391,{"date":352,"score":76,"percentile":347},"2026-01-06",{"date":354,"score":76,"percentile":355},"2026-01-07",0.83914,{"date":357,"score":76,"percentile":358},"2026-01-08",0.83922,{"date":360,"score":76,"percentile":361},"2026-01-09",0.83924,{"date":363,"score":76,"percentile":364},"2026-01-10",0.83919,{"date":366,"score":76,"percentile":367},"2026-01-11",0.83918,{"date":369,"score":76,"percentile":370},"2026-01-12",0.83913,{"date":372,"score":76,"percentile":350},"2026-01-13",{"date":374,"score":76,"percentile":375},"2026-01-14",0.8393,{"date":377,"score":76,"percentile":375},"2026-01-15",{"date":379,"score":76,"percentile":380},"2026-01-16",0.8394,{"date":382,"score":76,"percentile":383},"2026-01-17",0.83944,{"date":385,"score":386,"percentile":387},"2026-01-18",0.02859,0.85851,{"date":389,"score":386,"percentile":390},"2026-01-19",0.85849,{"date":392,"score":393,"percentile":394},"2026-01-20",0.0164,0.81512,{"date":396,"score":393,"percentile":397},"2026-01-21",0.81518,{"date":399,"score":393,"percentile":400},"2026-01-22",0.81527,{"date":402,"score":393,"percentile":403},"2026-01-23",0.81552,{"date":405,"score":393,"percentile":187},"2026-01-24",{"date":407,"score":408,"percentile":409},"2026-01-25",0.02246,0.84182,{"date":411,"score":408,"percentile":412},"2026-01-26",0.84181,{"date":414,"score":408,"percentile":415},"2026-01-27",0.84183,{"date":417,"score":408,"percentile":418},"2026-01-28",0.84186,{"date":420,"score":408,"percentile":421},"2026-01-29",0.84187,{"date":423,"score":408,"percentile":424},"2026-01-30",0.84191,{"date":426,"score":408,"percentile":427},"2026-01-31",0.84192,{"date":429,"score":408,"percentile":430},"2026-02-01",0.84261,[432,439],{"source":86,"cvss_v2_0":9,"cvss_v3_0":433,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":434,"baseSeverity":435,"vectorString":436,"impactScore":437,"exploitabilityScore":438},5,"MEDIUM","CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",5.7,4.1,{"source":80,"cvss_v2_0":440,"cvss_v3_0":445,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":441,"baseSeverity":9,"vectorString":442,"impactScore":443,"exploitabilityScore":444},6.4,"AV:N/AC:L/Au:N/C:P/I:N/A:P",4.9,10,{"baseScore":78,"baseSeverity":446,"vectorString":81,"impactScore":447,"exploitabilityScore":444},"CRITICAL",8.7,[449,458,464,473,480,488],{"ecosystem":9,"name":450,"vendor":451,"product":452,"cpe_part":453,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":454},"debian linux","debian","debian_linux","o",[455],{"version":456,"is_range":74,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"ecosystem":9,"name":459,"vendor":460,"product":459,"cpe_part":453,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":461},"fedora","fedoraproject",[462],{"version":463,"is_range":74,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"ecosystem":9,"name":465,"vendor":465,"product":465,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":467},"libssh2","a",[468],{"version":469,"is_range":470,"range_type":457,"version_start":9,"version_start_type":9,"version_end":471,"version_end_type":472,"fixed_in":9},"lt1.8.1",true,"1.8.1","excluding",{"ecosystem":9,"name":474,"vendor":475,"product":476,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":477},"ontap select deploy administration utility","netapp","ontap_select_deploy_administration_utility",[478],{"version":479,"is_range":74,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":481,"vendor":482,"product":481,"cpe_part":453,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":483},"leap","opensuse",[484,486],{"version":485,"is_range":74,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":487,"is_range":74,"range_type":457,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":465,"vendor":489,"product":465,"cpe_part":466,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":490},"the libssh2 project",[491],{"version":471,"is_range":74,"range_type":86,"version_start":471,"version_start_type":492,"version_end":471,"version_end_type":492,"fixed_in":9},"including"]