Security report

My security vendor provided me with this report.
I am on 4.5.0-6

OpenSSH
Current Version:
9.2
CVE-2023-28531
CVE-2023-38408
CVE-2023-48795
CVE-2023-51384
CVE-2023-51385
CVE-2024-6387
CVE-2025-26465
Nginx
Current Version:
1.22.1
CVE-2023-44487

Detected At:
Mar 30, 2025 04:45:07 pm

Just making sure that we are safe
Thank you

On VitalPBX, the OS dependencies/packages like OpenSSH and Nginx versions are managed by the Debian security team. The version numbers reported in the scan might not directly match upstream releases, as Debian applies security patches to their stable package versions without always bumping the version number.

To check if your installed versions are patched against these CVEs, you can check the Debian Security Tracker.

https://security-tracker.debian.org/tracker/source-package/openssh
https://security-tracker.debian.org/tracker/source-package/nginx

We strongly recommend updating the whole O.S. every now and then to apply any pending security updates for all the packages.

apt clean all
apt update
apt upgrade -y

Reboot the server in case of Kernel update.

reboot
1 Like

Thank you very much!

I’ll update it.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.