VYPR

rpm package

opensuse/openssh&distro=openSUSE Leap 16.0

pkg:rpm/opensuse/openssh&distro=openSUSE%20Leap%2016.0

Vulnerabilities (2)

  • CVE-2025-61985LowOct 6, 2025
    affected < 10.0p2-160000.3.1fixed 10.0p2-160000.3.1

    ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

  • CVE-2025-61984LowOct 6, 2025
    affected < 10.0p2-160000.3.1fixed 10.0p2-160000.3.1

    ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file