Vulnerabilities > Openbsd > Openssh > 8.2

DATE CVE VULNERABILITY TITLE RISK
2020-06-01 CVE-2020-12062 Improper Input Validation vulnerability in Openbsd Openssh 8.2
The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the remote server.
network
low complexity
openbsd CWE-20
7.5
7.5