VYPR

rpm package

suse/openssh&distro=SUSE Linux Micro 6.1

pkg:rpm/suse/openssh&distro=SUSE%20Linux%20Micro%206.1

Vulnerabilities (6)

  • CVE-2026-35388LowApr 2, 2026
    affected < 9.6p1-slfo.1.1_6.1fixed 9.6p1-slfo.1.1_6.1

    OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.

  • CVE-2026-3497HigMar 12, 2026
    affected < 9.6p1-slfo.1.1_6.1fixed 9.6p1-slfo.1.1_6.1

    Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does

  • CVE-2025-61985LowOct 6, 2025
    affected < 9.6p1-slfo.1.1_3.1fixed 9.6p1-slfo.1.1_3.1

    ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

  • CVE-2025-61984LowOct 6, 2025
    affected < 9.6p1-slfo.1.1_3.1fixed 9.6p1-slfo.1.1_3.1

    ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file

  • CVE-2025-26466Feb 28, 2025
    affected < 9.6p1-slfo.1.1_2.1fixed 9.6p1-slfo.1.1_2.1

    A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such pack

  • CVE-2025-26465MedFeb 18, 2025
    affected < 9.6p1-slfo.1.1_2.1fixed 9.6p1-slfo.1.1_2.1

    A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying