A vulnerability has been discovered in older versions of the SSH client PuTTY.
Users who are using or have generated keys using versions from PuTTY 0.68 (released on February 21, 2017) to PuTTY 0.80 (released on December 18, 2023) should update their PuTTY to the latest version (currently 0.81) and regenerate keys using the latest version of PuTTY or another tool.
Software that uses PuTTY, such as WinSCP, may also be affected and should be updated appropriately.

For more information on the vulnerability, please see the following web pages.

PuTTY vulnerability vuln-p521-bias
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html

CVE-2024-31497
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31497