[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-3859":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":23,"aliases":24,"duplicate_of":9,"upstream":25,"downstream":26,"duplicates":69,"related":70,"reserved_at":9,"published_at":85,"modified_at":86,"state":87,"summary":88,"references_raw":97,"kevs":193,"epss":194,"epss_history":197,"metrics":458,"affected":478},"CVE-2019-3859","An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-125","Out-of-bounds Read","The product reads data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-540","Overread Buffers",[],[],[],[],[27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67],{"_key":28},"ALPINE-CVE-2019-3859",{"_key":30},"SUSE-SU-2019:0655-1",{"_key":32},"SUSE-SU-2019:1059-1",{"_key":34},"SUSE-SU-2019:1060-1",{"_key":36},"SUSE-SU-2019:13982-1",{"_key":38},"SUSE-SU-2019:13997-1",{"_key":40},"SUSE-SU-2019:14031-1",{"_key":42},"SUSE-SU-2019:14032-1",{"_key":44},"SUSE-SU-2020:3551-1",{"_key":46},"OPENSUSE-SU-2019:1109-1",{"_key":48},"OPENSUSE-SU-2019:1291-1",{"_key":50},"OPENSUSE-SU-2020:2126-1",{"_key":52},"OPENSUSE-SU-2020:2129-1",{"_key":54},"OPENSUSE-SU-2024:10999-1",{"_key":56},"DLA-1730-1",{"_key":58},"DLA-1730-3",{"_key":60},"DSA-4431-1",{"_key":62},"MGASA-2019-0139",{"_key":64},"UBUNTU-CVE-2019-3859",{"_key":66},"DEBIAN-CVE-2019-3859",{"_key":68},"USN-5308-1",[],[71,72,73,74,75,76,77,78,79,80,81,82,83,84],{"_key":30},{"_key":32},{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":62},"2019-03-20T21:18:13.000Z","2025-12-18T11:43:47.109Z","Modified",{"cisa_kev":89,"cisa_ransomware":89,"cisa_vendor":9,"epss_severity":90,"epss_score":91,"severity":92,"severity_score":93,"severity_version":94,"severity_source":95,"severity_vector":96,"severity_status":87},false,"low",0.01176,"critical",9.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",[98,107,112,118,124,129,134,139,143,147,151,156,160,164,168,173,177,181,185,189],{"url":99,"sources":100,"tags":102},"http://www.openwall.com/lists/oss-security/2019/03/18/3",[95,101],"nvd",[103,104,105,106],"Mailing List","X Refsource MLIST","Patch","Third Party Advisory",{"url":108,"sources":109,"tags":110},"https://seclists.org/bugtraq/2019/Mar/25",[95,101],[103,111,105,106],"X Refsource BUGTRAQ",{"url":113,"sources":114,"tags":115},"https://www.libssh2.org/CVE-2019-3859.html",[95,101],[116,117],"X Refsource MISC","Vendor Advisory",{"url":119,"sources":120,"tags":121},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859",[95,101],[122,123,105,106],"X Refsource CONFIRM","Issue Tracking",{"url":125,"sources":126,"tags":127},"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html",[95,101],[116,105,106,128],"VDB Entry",{"url":130,"sources":131,"tags":132},"http://www.securityfocus.com/bid/107485",[95,101],[128,133,106],"X Refsource BID",{"url":135,"sources":136,"tags":137},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/",[95,101],[117,138],"X Refsource FEDORA",{"url":140,"sources":141,"tags":142},"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767",[95,101],[122,106],{"url":144,"sources":145,"tags":146},"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html",[95,101],[103,104,106],{"url":148,"sources":149,"tags":150},"https://security.netapp.com/advisory/ntap-20190327-0005/",[95,101],[122,106],{"url":152,"sources":153,"tags":154},"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html",[95,101],[117,155,103,106],"X Refsource SUSE",{"url":157,"sources":158,"tags":159},"https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html",[95,101],[103,104,106],{"url":161,"sources":162,"tags":163},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html",[95,101],[117,155,103,106],{"url":165,"sources":166,"tags":167},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/",[95,101],[117,138],{"url":169,"sources":170,"tags":171},"https://www.debian.org/security/2019/dsa-4431",[95,101],[117,172,106],"X Refsource DEBIAN",{"url":174,"sources":175,"tags":176},"https://seclists.org/bugtraq/2019/Apr/25",[95,101],[103,111,106],{"url":178,"sources":179,"tags":180},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html",[95,101],[117,155,103,106],{"url":182,"sources":183,"tags":184},"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html",[95,101],[117,155,103,106],{"url":186,"sources":187,"tags":188},"https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html",[95,101],[103,104],{"url":190,"sources":191,"tags":192},"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",[95,101],[116],[],{"date":195,"score":91,"percentile":196},"2026-06-04",0.79064,[198,202,204,207,210,213,216,219,222,225,228,231,233,236,239,243,245,248,251,253,256,259,262,265,268,271,274,276,279,282,285,287,290,292,295,297,300,303,306,309,312,315,318,321,324,328,331,334,337,339,342,345,348,351,354,357,360,363,366,369,372,376,379,382,385,388,391,394,397,400,402,404,407,410,413,416,419,422,424,427,429,432,435,438,441,444,446,449,452,455],{"date":199,"score":200,"percentile":201},"2025-11-04",0.01028,0.76596,{"date":203,"score":200,"percentile":201},"2025-11-05",{"date":205,"score":200,"percentile":206},"2025-11-06",0.76592,{"date":208,"score":200,"percentile":209},"2025-11-07",0.76607,{"date":211,"score":200,"percentile":212},"2025-11-08",0.7661,{"date":214,"score":200,"percentile":215},"2025-11-09",0.76606,{"date":217,"score":200,"percentile":218},"2025-11-10",0.76589,{"date":220,"score":200,"percentile":221},"2025-11-11",0.76593,{"date":223,"score":200,"percentile":224},"2025-11-12",0.76613,{"date":226,"score":200,"percentile":227},"2025-11-13",0.7662,{"date":229,"score":200,"percentile":230},"2025-11-14",0.76627,{"date":232,"score":200,"percentile":227},"2025-11-15",{"date":234,"score":200,"percentile":235},"2025-11-16",0.76618,{"date":237,"score":200,"percentile":238},"2025-11-17",0.76609,{"date":240,"score":241,"percentile":242},"2025-11-18",0.02833,0.84919,{"date":244,"score":241,"percentile":242},"2025-11-19",{"date":246,"score":241,"percentile":247},"2025-11-20",0.84925,{"date":249,"score":200,"percentile":250},"2025-11-21",0.76636,{"date":252,"score":200,"percentile":250},"2025-11-22",{"date":254,"score":200,"percentile":255},"2025-11-23",0.76621,{"date":257,"score":200,"percentile":258},"2025-11-24",0.76623,{"date":260,"score":200,"percentile":261},"2025-11-25",0.7663,{"date":263,"score":200,"percentile":264},"2025-11-26",0.76635,{"date":266,"score":200,"percentile":267},"2025-11-27",0.76637,{"date":269,"score":200,"percentile":270},"2025-11-28",0.76625,{"date":272,"score":200,"percentile":273},"2025-11-29",0.76633,{"date":275,"score":200,"percentile":261},"2025-11-30",{"date":277,"score":200,"percentile":278},"2025-12-01",0.76746,{"date":280,"score":200,"percentile":281},"2025-12-02",0.76758,{"date":283,"score":200,"percentile":284},"2025-12-03",0.76747,{"date":286,"score":200,"percentile":230},"2025-12-04",{"date":288,"score":200,"percentile":289},"2025-12-05",0.76634,{"date":291,"score":200,"percentile":267},"2025-12-06",{"date":293,"score":200,"percentile":294},"2025-12-07",0.76631,{"date":296,"score":200,"percentile":250},"2025-12-08",{"date":298,"score":200,"percentile":299},"2025-12-09",0.76662,{"date":301,"score":200,"percentile":302},"2025-12-10",0.76689,{"date":304,"score":200,"percentile":305},"2025-12-11",0.76704,{"date":307,"score":200,"percentile":308},"2025-12-12",0.76724,{"date":310,"score":200,"percentile":311},"2025-12-13",0.76725,{"date":313,"score":200,"percentile":314},"2025-12-14",0.76721,{"date":316,"score":200,"percentile":317},"2025-12-15",0.76717,{"date":319,"score":200,"percentile":320},"2025-12-16",0.76729,{"date":322,"score":200,"percentile":323},"2025-12-17",0.76741,{"date":325,"score":326,"percentile":327},"2025-12-18",0.00899,0.75064,{"date":329,"score":326,"percentile":330},"2025-12-19",0.7508,{"date":332,"score":326,"percentile":333},"2025-12-20",0.75075,{"date":335,"score":326,"percentile":336},"2025-12-21",0.75069,{"date":338,"score":326,"percentile":336},"2025-12-22",{"date":340,"score":326,"percentile":341},"2025-12-23",0.75065,{"date":343,"score":326,"percentile":344},"2025-12-24",0.75074,{"date":346,"score":326,"percentile":347},"2025-12-25",0.75099,{"date":349,"score":326,"percentile":350},"2025-12-26",0.75096,{"date":352,"score":326,"percentile":353},"2025-12-27",0.75146,{"date":355,"score":326,"percentile":356},"2025-12-28",0.75078,{"date":358,"score":326,"percentile":359},"2025-12-29",0.75077,{"date":361,"score":326,"percentile":362},"2025-12-30",0.75091,{"date":364,"score":326,"percentile":365},"2025-12-31",0.75113,{"date":367,"score":326,"percentile":368},"2026-01-01",0.75254,{"date":370,"score":326,"percentile":371},"2026-01-02",0.75258,{"date":373,"score":374,"percentile":375},"2026-01-03",0.00882,0.74997,{"date":377,"score":374,"percentile":378},"2026-01-04",0.7486,{"date":380,"score":374,"percentile":381},"2026-01-05",0.74853,{"date":383,"score":374,"percentile":384},"2026-01-06",0.74866,{"date":386,"score":374,"percentile":387},"2026-01-07",0.74876,{"date":389,"score":374,"percentile":390},"2026-01-08",0.7489,{"date":392,"score":374,"percentile":393},"2026-01-09",0.74894,{"date":395,"score":374,"percentile":396},"2026-01-10",0.74893,{"date":398,"score":374,"percentile":399},"2026-01-11",0.7488,{"date":401,"score":374,"percentile":384},"2026-01-12",{"date":403,"score":374,"percentile":384},"2026-01-13",{"date":405,"score":374,"percentile":406},"2026-01-14",0.74892,{"date":408,"score":374,"percentile":409},"2026-01-15",0.749,{"date":411,"score":374,"percentile":412},"2026-01-16",0.74914,{"date":414,"score":374,"percentile":415},"2026-01-17",0.74913,{"date":417,"score":374,"percentile":418},"2026-01-18",0.74895,{"date":420,"score":374,"percentile":421},"2026-01-19",0.74886,{"date":423,"score":374,"percentile":390},"2026-01-20",{"date":425,"score":374,"percentile":426},"2026-01-21",0.74896,{"date":428,"score":374,"percentile":409},"2026-01-22",{"date":430,"score":374,"percentile":431},"2026-01-23",0.74928,{"date":433,"score":374,"percentile":434},"2026-01-24",0.74935,{"date":436,"score":374,"percentile":437},"2026-01-25",0.7492,{"date":439,"score":374,"percentile":440},"2026-01-26",0.74919,{"date":442,"score":374,"percentile":443},"2026-01-27",0.74929,{"date":445,"score":374,"percentile":434},"2026-01-28",{"date":447,"score":374,"percentile":448},"2026-01-29",0.74932,{"date":450,"score":374,"percentile":451},"2026-01-30",0.74934,{"date":453,"score":374,"percentile":454},"2026-01-31",0.74936,{"date":456,"score":374,"percentile":457},"2026-02-01",0.75055,[459,470],{"source":95,"cvss_v2_0":9,"cvss_v3_0":460,"cvss_v3_1":466,"cvss_v4_0":9},{"baseScore":461,"baseSeverity":462,"vectorString":463,"impactScore":464,"exploitabilityScore":465},5,"MEDIUM","CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",5.7,4.1,{"baseScore":93,"baseSeverity":467,"vectorString":96,"impactScore":468,"exploitabilityScore":469},"CRITICAL",8.7,10,{"source":101,"cvss_v2_0":471,"cvss_v3_0":475,"cvss_v3_1":477,"cvss_v4_0":9},{"baseScore":472,"baseSeverity":9,"vectorString":473,"impactScore":474,"exploitabilityScore":469},6.4,"AV:N/AC:L/Au:N/C:P/I:N/A:P",4.9,{"baseScore":93,"baseSeverity":467,"vectorString":476,"impactScore":468,"exploitabilityScore":469},"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",{"baseScore":93,"baseSeverity":467,"vectorString":96,"impactScore":468,"exploitabilityScore":469},[479,490,498,507,514,522],{"ecosystem":9,"name":480,"vendor":481,"product":482,"cpe_part":483,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":484},"debian linux","debian","debian_linux","o",[485,488],{"version":486,"is_range":89,"range_type":487,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"8.0","cpe",{"version":489,"is_range":89,"range_type":487,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0",{"ecosystem":9,"name":491,"vendor":492,"product":491,"cpe_part":483,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":493},"fedora","fedoraproject",[494,496],{"version":495,"is_range":89,"range_type":487,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"28",{"version":497,"is_range":89,"range_type":487,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"ecosystem":9,"name":499,"vendor":499,"product":499,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":501},"libssh2","a",[502],{"version":503,"is_range":504,"range_type":487,"version_start":9,"version_start_type":9,"version_end":505,"version_end_type":506,"fixed_in":9},"lt1.8.1",true,"1.8.1","excluding",{"ecosystem":9,"name":508,"vendor":509,"product":510,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":511},"ontap select deploy administration utility","netapp","ontap_select_deploy_administration_utility",[512],{"version":513,"is_range":89,"range_type":487,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":515,"vendor":516,"product":515,"cpe_part":483,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":517},"leap","opensuse",[518,520],{"version":519,"is_range":89,"range_type":487,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"15.0",{"version":521,"is_range":89,"range_type":487,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"42.3",{"ecosystem":9,"name":499,"vendor":523,"product":499,"cpe_part":500,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":524},"the libssh2 project",[525],{"version":505,"is_range":89,"range_type":95,"version_start":505,"version_start_type":526,"version_end":505,"version_end_type":526,"fixed_in":9},"including"]