Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-01-31	CVE-2019-6111	Path Traversal vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian redhat fedoraproject apache freebsd fujitsu siemens CWE-22	5.9
2019-01-31	CVE-2019-6110	Inappropriate Encoding for Output Context vulnerability in multiple products In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred. network high complexity openbsd winscp netapp siemens CWE-838	6.8
2019-01-31	CVE-2019-6109	Improper Encoding or Escaping of Output vulnerability in multiple products An issue was discovered in OpenSSH 7.9. network high complexity openbsd winscp canonical debian netapp fedoraproject redhat siemens fujitsu CWE-116	6.8
2019-01-10	CVE-2018-20685	Incorrect Authorization vulnerability in multiple products In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . network high complexity openbsd winscp netapp debian canonical redhat oracle fujitsu siemens CWE-863	5.3