{"id":"CVE-2019-3855","details":"An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.","modified":"2026-04-02T02:07:50.357715Z","published":"2019-03-21T21:29:00.433Z","related":["MGASA-2019-0139","SUSE-SU-2019:0655-1","SUSE-SU-2019:13982-1","SUSE-SU-2019:13997-1","SUSE-SU-2020:3551-1","openSUSE-SU-2019:1109-1","openSUSE-SU-2020:2126-1","openSUSE-SU-2020:2129-1","openSUSE-SU-2024:10999-1"],"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"},{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/Sep/49"},{"type":"ADVISORY","url":"https://www.debian.org/security/2019/dsa-4431"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/107485"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1943"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:2399"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/Apr/25"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1652"},{"type":"ADVISORY","url":"https://seclists.org/bugtraq/2019/Mar/25"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20190327-0005/"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT210609"},{"type":"ADVISORY","url":"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2019/Sep/42"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:0679"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1175"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1791"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2019/03/18/3"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855"},{"type":"FIX","url":"https://www.libssh2.org/CVE-2019-3855.html"},{"type":"FIX","url":"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libssh2/libssh2","events":[{"introduced":"0"},{"fixed":"f15b1e297f72882214988101ccdc5e6ad30d7e6e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.8.1"}]}}],"versions":["RELEASE.0.1","RELEASE.0.10","RELEASE.0.11","RELEASE.0.12","RELEASE.0.13","RELEASE.0.14","RELEASE.0.15","RELEASE.0.16","RELEASE.0.17","RELEASE.0.18","RELEASE.0.3","RELEASE.0.5","RELEASE.0.6","RELEASE.0.7","RELEASE.0.8","RELEASE.1.0","RELEASE.1.1","beforenb-0.14","beforenb2-0.14","libssh2-1.10.0","libssh2-1.11.0","libssh2-1.11.1","libssh2-1.2","libssh2-1.2.1","libssh2-1.2.2","libssh2-1.2.3","libssh2-1.2.4","libssh2-1.2.5","libssh2-1.2.6","libssh2-1.2.7","libssh2-1.2.8","libssh2-1.2.9","libssh2-1.3.0","libssh2-1.4.0","libssh2-1.4.1","libssh2-1.4.2","libssh2-1.4.3","libssh2-1.5.0","libssh2-1.6.0","libssh2-1.7.0","libssh2-1.8.0","libssh2-1.9.0","start"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-3855.json","vanir_signatures":[{"signature_type":"Function","id":"CVE-2019-3855-0ca26948","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_open","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":4408,"function_hash":"130513997029550922359825906680064252000"}},{"signature_type":"Function","id":"CVE-2019-3855-0e392e92","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_readdir","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":3539,"function_hash":"156870125600685460170868214097255513227"}},{"signature_type":"Function","id":"CVE-2019-3855-21c8b8e3","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_rmdir","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":1909,"function_hash":"4909406955743338623248799753191051693"}},{"signature_type":"Line","id":"CVE-2019-3855-2974ffb5","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"file":"src/transport.c"},"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["103640067018174600133330910359064061656","251614726574061676586289990518126361186","160074926891258545270335781273850368025","175967038859953433788643658712700991614","252300636862946662459037524291845680275","205740744867692225602624986094250651221","207624455288639164266962776785126235995","163971524350525289386178785941670039263","276536363861099461625239258560197416473","97475082405096749075769309233547564320","94068023891273845685731676384258751860","37043339973854571182598270819587221390","117693848582867079457949872677006588348"],"threshold":0.9}},{"signature_type":"Function","id":"CVE-2019-3855-2be55118","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_mkdir","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":2156,"function_hash":"316978795291479301498767208600174571070"}},{"signature_type":"Function","id":"CVE-2019-3855-3ad1de42","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_init","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":4523,"function_hash":"247608176950622540586523868616884867221"}},{"signature_type":"Line","id":"CVE-2019-3855-425b2318","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"file":"src/packet.c"},"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["199396428921383754567904753674561677405","31270133804357931177586560687876822135","323494851822450658344732192105776836261","142904498334225816359222279156429574219","169213715357542628219828394899215327742","246723504391855212743667096651081259770","219723528149573161056324137910968385847","99693739572536478413343126564542209099","16230607100086614390618655014737886935","28864690644433868393505781328262715087","283415771086431288375148369345601439353","214993028641586205385716756194042343297","30674174382679724740545357973292301528","291367533649477489803520153245601884780","13527362274155811114909863399079036034","337874180370048735146254978566702197608","73397564045854670126237563937225855875","124804228161260961836001165961206847102","320614444515314617417442576224728719669","133936557929027914058817960718498019923","262097959832462143885816594370464631676","203691769679753352705204953988371625577","243194598704361328605250134210260591689","326831759020577706739183718505705905050","71871589318446607018536788288997050415","253954920303967547017471681273447093624","170568547844691926401536349425002763636","187090474249837812343676850997532421230"],"threshold":0.9}},{"signature_type":"Function","id":"CVE-2019-3855-46137bf3","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_packet_read","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":2605,"function_hash":"29007860238940795080508963162592432190"}},{"signature_type":"Function","id":"CVE-2019-3855-4ecb9954","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_stat","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":2584,"function_hash":"254966901820516394836965153946132231984"}},{"signature_type":"Function","id":"CVE-2019-3855-57e9cb40","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_rename","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":2773,"function_hash":"249582709169939548119986391714566587458"}},{"signature_type":"Function","id":"CVE-2019-3855-59a9cc8e","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_packet_require","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":755,"function_hash":"223967078130286108809695263676424007701"}},{"signature_type":"Function","id":"CVE-2019-3855-640fa543","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_statvfs","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":3022,"function_hash":"193066954364750455190143169852470119048"}},{"signature_type":"Function","id":"CVE-2019-3855-6a03a4b9","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_fstat","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":2297,"function_hash":"87552939035090404817081513900749527780"}},{"signature_type":"Function","id":"CVE-2019-3855-783199a0","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_fstatvfs","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":3007,"function_hash":"154740709970448259212685139117790334031"}},{"signature_type":"Function","id":"CVE-2019-3855-7da31b87","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_fsync","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":1911,"function_hash":"70978722542747169381628534237088897245"}},{"signature_type":"Function","id":"CVE-2019-3855-9673ff73","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"comp_method_zlib_decomp","file":"src/comp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":1654,"function_hash":"208535582750504528373704712557279675537"}},{"signature_type":"Function","id":"CVE-2019-3855-97f35798","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_unlink","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":1920,"function_hash":"238207622479120586066667974561029709217"}},{"signature_type":"Function","id":"CVE-2019-3855-9fe2ce69","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_read","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":4981,"function_hash":"124395554584902358064113245536469288122"}},{"signature_type":"Function","id":"CVE-2019-3855-a66e6b6f","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"_libssh2_packet_add","file":"src/packet.c"},"signature_version":"v1","deprecated":false,"digest":{"length":11818,"function_hash":"139263013769379301112963821642518252508"}},{"signature_type":"Function","id":"CVE-2019-3855-a730579c","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_close_handle","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":2400,"function_hash":"66510952666634007487595159615921400704"}},{"signature_type":"Function","id":"CVE-2019-3855-acd172be","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"_libssh2_transport_read","file":"src/transport.c"},"signature_version":"v1","deprecated":false,"digest":{"length":4342,"function_hash":"86799271662232441093211086418938079874"}},{"signature_type":"Function","id":"CVE-2019-3855-b1dd8ea0","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_write","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":2761,"function_hash":"140906860977583506650338755207525446836"}},{"signature_type":"Line","id":"CVE-2019-3855-b7f606b3","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"file":"src/comp.c"},"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["138738530997871058217324760481727426837","107696138087189122395259564886294388409","112290794496393128758852903264868162876","52809053727959276374355721959295612802","12770254551893424450503600189042573183","45617965563845038229481539466585268405","215001412866021085991442586565829484801","235590017375331229929012890388037113137"],"threshold":0.9}},{"signature_type":"Line","id":"CVE-2019-3855-c37c10bd","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"line_hashes":["65971095931925607474165134484707703870","222723814939289348153355218146051798198","113480671933772311259999772610030569336","19695196832547598462457606834888635615","127049609747369336629182122475223020099","12470525589096534373276772728943659418","32155044467733481342404278069036594458","137779044843821191784305731216222529813","35747479322450766103434935566647633406","264759112087557798261983845359922580641","124088991803049945995184704852618995659","69805208474528674640255646942333298757","39601999874935426976778124523015805251","57580518838138542592417823173772120049","186690662476264171509820097736854606281","338722790218394493408045181185693330324","31318634649267370158387018395801710174","95863922084561089809966480355738672597","58562536153111486358663849161738575391","257586373076696049531271256992484549527","31318634649267370158387018395801710174","277941692672437854805067903895533117024","930195365551914465066024542022810991","61520882827881812082931468515474380345","124281258548907136504826399210771877949","155501579177461536138581566675440960402","186607624919055905161998020334857839241","47681059168272189731028481248166910692","215514296480026391178757771523218541956","88090310640409556215378225968635983611","282858968097619018335710218937956472745","206723659974232298975308156384218492425","62643511169649774551098817898864425199","90588068352132509662273725952670578185","5949032184103962164393255491741662758","267358470374560428876951903194556027302","153569500645276666280424855998876298522","308768677104799613741566934932725626192","155730129718991520697083261850045961201","91042509781940371706750289238285346291","27799944137411759435370625571730748854","256161885760382376840634742225089632239","262936591145080649541521842326296296120","168851920835715716094680876322044398117","275637493478533621538051109460065311802","230638497528559349553204731718158904924","113678694170965915210742920031675088874","40465521627419482603241296577906043282","63974396562076364004410605472592576352","61451944515453976870439667744169564234","180215300447983459927482916705205222939","9266068043088845311367125596569259713","71419377436793728620258786506371560031","145210085632340086396633827167546162936","47807591203379758147825292113223787016","111998017294301633208648524004364157841","258785824145221317512203237360247127886","211961257851835882353516745411066373895","114392684302371829813918826047439646487","63516389893263173839425079822194386402","44995087142340885320955708510142028317","315785706471591786547760636496876835558","281287673267630434740913578343761857834","82055086117350736593464579596242579390","240697114719864734704130356037410003492","25980792220443664312812863780509491933","309375271014376797390582696640938854802","267194618946616474740169495452809792277","278271064226926070568271101273169969544","8355910987929864717976471771471060091","327462548944843076303582838559055658150","294256946859065932751589814290439689937","185313271949990824169815147014670785682","53475186571127548974763691221223138970","337563969164289193366204957787591802359","92644892202845676742578405296835828825","86087153852978759774299934062152989962","112964276935553004836376032254016672688","289579509164681042336399307119694177534","298033822111783483321705680237256265678","209162555698799178220780671810814560572","13689337585668230087589507524772507124","75362359045000927892893310693532857619","78804669067230340826741349486387747146","261623767361555437110036042798504602926","103134360100103820481559057987273522738","50384679293043126667677926233974939327","229668762245312120457285614608594240879","165754131809779153140883632498189461641","193034515654885850997808592801924841630","335591587411946502325695806052608880345","52281048307288099264109015654793140510","44205016054515026345581986368518233972","39841262345021971125844634990927640977","232718353402101803513266714102983644072","168798127306700442159352040865028449896","128239354073677256529295492671255772437","252565854097638444761537694175149212092","72395714320895708330889239108283513575","122302543619529130893031948749102209273","95841681264838622280224943970048938054","324685089401091111393322302699745158459","178707709333783344491235177861913131455","295983542749776270534596316135177109219","29854098181896915129826445024171510731","337549952105635249669764912428209516193","55266472864524757707705108776494277414","79356641381436487603846310142759879643","34792662147523098743641077256885522470","93461199567666421290296820833655260890","298621117493045171771395055030238789388","69848770615224363219844122459323722609","35921323436327693860879660953410172195","82564147952529436183823380744155964769","11858037141856020586467799175878458608","335009752433316231962913636175368933142","239365244743271890997198862873294469238","330219164155508602015846383834294347152","29586653335739588545945019563268098986","48013272687762206755489564924592530729","284543039639426751679002065098106022213","200438280933182403304629807783836713122","257202731296099122138381793481315861782","241271294108767055642727677604659391630","267885774582818383503282869863045070932","34441547194473610201163048245293020542","229448937312690753453483851599264381932","100195684414310996402914543955609069823","8605136978013357756025765119857267745","249435438705802222905355549201951325819","181152445570287677124124990101939343845","335792651507686945617272029432643296012","32802119658179107979174637314732177078","312926963816273394802981816116845581862","103030351090938202301754232920473257916","324790573564236878299053896704383402611","333527735370601391781275787584413733631","320384936982751123847438764316116953848","251951326985529864956843125396668566696","68330753670659192255694925297889863963","61786365292793417296096874403737634813","286470647739747073742467474246217568694","142216805141072893913524675812838378923","48988159106810550940032179867644065778","290440625174490493531749932745669754405","224616978884452045617453603718386650868","55544229816361082848277849865020565203","82693726025499378285847793081683433160","288609726654228990926199491382998811482","268875361056801277377869759652344798556","333527735370601391781275787584413733631","104860605808974076465809389005223186298","51538934081336964157461772117271611281","51017454342430543419503018118769891394","26318238546097311212082765259642192583","154843417833589417577055145332299757133","253211409990975367809086894924569379890","79625918431933636717345291440747130492","183572491089278745947131740599860704786","135309236174200592466520246653642658054","105361015126032660211071059373026847209","87578362019669109801966768192408966505","227543258507976190481950008223679214826","328586714866202099419917549760057778940","79625918431933636717345291440747130492","25302490782050586745203522004483747970","24903589728618869564855089009837533522","289921611383971045717345298168855529303","283390309832871614962769806139433723827","54560776545286361784950090303914848633","302252221570731585287640313191875333916","79625918431933636717345291440747130492","297215847698455143965816521190004531801","282737104716336697088580419529099096210","254565416488565427064818775725351866745","231065676751345376281102256010984817035","68984405426815457249298147373349203119","291365839665883361548384776738004842727","238651297682930144651966495022134699791","174800485988229659875224033552284296567","198234272447601820668374162789938227624","322799026089645498443822212709176295369","710674258222870202709518609147075289","164814568105973671659204681195078440816","125524353926834576058499224351393324674","234807091231144583136364698532677977768","103068025833541066735574443881785806140","253238820049730472494259852459688219340","266528477362298232042453899676309248769","292337139153980869680215941573780055061","296898326922424954932700838967752867397","32802119658179107979174637314732177078","298708163951692866016080190435144709292","132673035362168830908785363969255425940","248089546207792900547541375589979958770","34792662147523098743641077256885522470","255237575265875068672146120583307373998","189648308884693257036150127320802169210","199788790621018672579779240874188173145","61966220155080096774444514593258776927","267583222670584456445189804748637348059"],"threshold":0.9}},{"signature_type":"Function","id":"CVE-2019-3855-cf460c89","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_packet_add","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":1579,"function_hash":"320106694470257626261390603374947973232"}},{"signature_type":"Function","id":"CVE-2019-3855-d33f0c92","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_bin2attr","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":732,"function_hash":"172731995241483846760821216506079248173"}},{"signature_type":"Function","id":"CVE-2019-3855-dfa5cee2","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_packet_requirev","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":970,"function_hash":"301312821367067488469848435822307916452"}},{"signature_type":"Function","id":"CVE-2019-3855-f3db2fbf","source":"https://github.com/libssh2/libssh2/commit/f15b1e297f72882214988101ccdc5e6ad30d7e6e","target":{"function":"sftp_symlink","file":"src/sftp.c"},"signature_version":"v1","deprecated":false,"digest":{"length":3195,"function_hash":"221544842930002450920983577552015030504"}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"28"}]},{"events":[{"introduced":"0"},{"last_affected":"29"}]},{"events":[{"introduced":"0"},{"last_affected":"30"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"42.3"}]},{"events":[{"introduced":"0"},{"fixed":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"8.56"}]},{"events":[{"introduced":"0"},{"last_affected":"8.57"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}