rpm package
suse/openssh-askpass-gnome&distro=SUSE Linux Enterprise Real Time 15 SP3
pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-38408 | — | < 8.4p1-150300.3.22.1 | 8.4p1-150300.3.22.1 | Jul 20, 2023 | The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this is |
- CVE-2023-38408Jul 20, 2023affected < 8.4p1-150300.3.22.1fixed 8.4p1-150300.3.22.1
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this is