DEBIAN-CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

UBUNTU-CVE-2026-48850

PuTTY 0.72 before 0.84 has a double free in RSA KEX...

SUSE CVE-2020-14002

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client...

ALPINE-CVE-2020-14002

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client...

PT-2020-13830 · Simon Tatham +1 · Putty +1

Name of the Vulnerable Software and Affected Versions: PuTTY versions 0.68 through 0.73 Description: The issue allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client, due to an Observable Discrepancy leading to an...

DEBIAN-CVE-2003-0048

PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials...