rpm package
suse/openssh&distro=SUSE Enterprise Storage 7.1
pkg:rpm/suse/openssh&distro=SUSE%20Enterprise%20Storage%207.1
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-61985 | Low | 3.6 | < 8.4p1-150300.3.57.1 | 8.4p1-150300.3.57.1 | Oct 6, 2025 | ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. | |
| CVE-2025-61984 | Low | 3.6 | < 8.4p1-150300.3.57.1 | 8.4p1-150300.3.57.1 | Oct 6, 2025 | ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file | |
| CVE-2025-32728 | — | < 8.4p1-150300.3.49.1 | 8.4p1-150300.3.49.1 | Apr 10, 2025 | In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. | ||
| CVE-2025-26465 | Med | 6.8 | < 8.4p1-150300.3.42.1 | 8.4p1-150300.3.42.1 | Feb 18, 2025 | A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying | |
| CVE-2023-51385 | Med | 6.5 | < 8.4p1-150300.3.30.1 | 8.4p1-150300.3.30.1 | Dec 18, 2023 | In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in | |
| CVE-2023-48795 | Med | 5.9 | < 8.4p1-150300.3.27.1 | 8.4p1-150300.3.27.1 | Dec 18, 2023 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end | |
| CVE-2023-38408 | — | < 8.4p1-150300.3.22.1 | 8.4p1-150300.3.22.1 | Jul 20, 2023 | The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this is |
- affected < 8.4p1-150300.3.57.1fixed 8.4p1-150300.3.57.1
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
- affected < 8.4p1-150300.3.57.1fixed 8.4p1-150300.3.57.1
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file
- CVE-2025-32728Apr 10, 2025affected < 8.4p1-150300.3.49.1fixed 8.4p1-150300.3.49.1
In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.
- affected < 8.4p1-150300.3.42.1fixed 8.4p1-150300.3.42.1
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying
- affected < 8.4p1-150300.3.30.1fixed 8.4p1-150300.3.30.1
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in
- affected < 8.4p1-150300.3.27.1fixed 8.4p1-150300.3.27.1
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end
- CVE-2023-38408Jul 20, 2023affected < 8.4p1-150300.3.22.1fixed 8.4p1-150300.3.22.1
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this is