VYPR

apk package

wolfi/openssh-server-config

pkg:apk/wolfi/openssh-server-config

Vulnerabilities (4)

  • CVE-2024-3094 | Mar 29, 2024
    affected < 0 | fixed 0

    Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify sp

  • CVE-2023-51767 | Hig | Dec 24, 2023
    affected < 9.6_p1-r0 | fixed 9.6_p1-r0

    OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of a

  • CVE-2023-38408 | Jul 20, 2023
    affected < 9.3_p2-r0 | fixed 9.3_p2-r0

    The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this is

  • CVE-2023-25136 | Med | Feb 3, 2023
    affected < 9.2_p1-r0 | fixed 9.2_p1-r0

    OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address