SCP implementations impacted by 36-years-old security flaws OpenSSH, Putty, and WinSCP are all impacted. Patches available for WinSCP January 14, 2019 https://www.zdnet.com/article/scp-implementations-impacted-by-36-years-old-security-flaws/
I only use SCP between my own systems. Even before seeing this, I'm not sure that I'd have felt comfortable accessing others' SCP servers.