CVE ID | PuTTY bug database entries referring to it |
CVE-2002-1357 | vuln-sshredder (fixed in 0.53b) |
CVE-2002-1358 | vuln-sshredder (fixed in 0.53b) |
CVE-2002-1359 | vuln-sshredder (fixed in 0.53b) |
CVE-2002-1360 | vuln-sshredder (fixed in 0.53b) |
CVE-2003-0048 | vuln-passwd-memdump (fixed in 0.54) |
CVE-2003-0069 | vuln-window-title (fixed in 0.54) |
CVE-2004-1008 | vuln-ssh2-debug (fixed in 0.56) |
CVE-2004-1440 | vuln-modpow (fixed in 0.55) |
CVE-2005-0467 | vuln-sftp-readdir (fixed in 0.57) vuln-sftp-string (fixed in 0.57) |
CVE-2006-7162 | puttygen-unix-perms (not classed as a vulnerability; fixed in 0.59) |
CVE-2008-5161 | ssh2-cbc-pktlen-weakness (not classed as a vulnerability; fixed in 0.61) |
CVE-2011-4607 | password-not-wiped (fixed in 0.62) |
CVE-2013-4206 | vuln-modmul (fixed in 0.63) |
CVE-2013-4207 | vuln-bignum-division-by-zero (fixed in 0.63) |
CVE-2013-4208 | private-key-not-wiped (fixed in 0.63) |
CVE-2013-4852 | vuln-signature-stringlen (fixed in 0.63) |
CVE-2015-2157 | private-key-not-wiped-2 (fixed in 0.64) |
CVE-2015-5309 | vuln-ech-overflow (fixed in 0.66) |
CVE-2016-2563 | vuln-pscp-sink-sscanf (fixed in 0.67) |
CVE-2016-6167 | vuln-indirect-dll-hijack (fixed in 0.68) |
CVE-2017-6542 | vuln-agent-fwd-overflow (fixed in 0.68) |
CVE-2019-6109 | pscp-unsanitised-server-output (not classed as a vulnerability; fixed in 0.71) |
CVE-2019-6110 | pscp-unsanitised-server-output (not classed as a vulnerability; fixed in 0.71) |
CVE-2019-9894 | vuln-rsa-kex-integer-overflow (fixed in 0.71) |
CVE-2019-9895 | vuln-fd-set-overflow (fixed in 0.71) |
CVE-2019-9896 | vuln-chm-hijack (fixed in 0.71) |
CVE-2019-9897 | vuln-terminal-dos-combining-chars (fixed in 0.71) vuln-terminal-dos-combining-chars-double-width-gtk (fixed in 0.71) vuln-terminal-dos-one-column-cjk (fixed in 0.71) |
CVE-2019-9898 | vuln-rng-reuse (fixed in 0.71) |
CVE-2019-17067 | vuln-win-exclusiveaddruse (fixed in 0.73) |
CVE-2019-17068 | vuln-bracketed-paste-data-outside-brackets (fixed in 0.73) |
CVE-2019-17069 | ssh1-disconnect-use-after-free (not classed as a vulnerability; fixed in 0.73) |
CVE-2020-14002 | vuln-dynamic-hostkey-info-leak (fixed in 0.74) |
CVE-2021-33500 | vuln-windows-remote-title-dos (fixed in 0.75) |
CVE-2021-36367 | reject-trivial-auth (not classed as a vulnerability; fixed in 0.76) vuln-auth-prompt-spoofing (fixed in 0.71) |
CVE-2023-48795 | vuln-terrapin (fixed in 0.80) |
CVE-2024-31497 | vuln-p521-bias (fixed in 0.81) |