Search CVE reports
21 – 30 of 97 results
Some fixes available 5 of 11
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | Fixed | Fixed | Not affected | Not affected |
| openssh-ssh1 | — | Ignored | Ignored | Ignored | Ignored |
Some fixes available 46 of 95
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation...
13 affected packages
dropbear, filezilla, golang-go.crypto, libssh, libssh2...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| dropbear | Needs evaluation | Needs evaluation | Fixed | Fixed | Fixed |
| filezilla | Fixed | Fixed | Fixed | Fixed | Not affected |
| golang-go.crypto | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| libssh | Not affected | Not affected | Fixed | Fixed | Not affected |
| libssh2 | Not affected | Not affected | Not affected | Not affected | Not affected |
| lxd | Not in release | Not in release | Not in release | Not affected | Fixed |
| openssh | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssh-ssh1 | Ignored | Ignored | Ignored | Ignored | Ignored |
| paramiko | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
| proftpd-dfsg | Needs evaluation | Not affected | Not affected | Fixed | Needs evaluation |
| putty | Not affected | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| python-asyncssh | Fixed | Fixed | Fixed | Fixed | Ignored |
| snapd | Not affected | Not affected | Not affected | Not affected | Not affected |
Some fixes available 12 of 23
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | Fixed | Fixed | Fixed | Fixed | Fixed |
| openssh-ssh1 | Ignored | Ignored | Ignored | Ignored | Ignored |
Some fixes available 2 of 3
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | — | Fixed | Not affected | Not affected |
| openssh-ssh1 | — | — | Not affected | Not affected | Not affected |
OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | Not affected | Not affected | Not affected | Not affected |
| openssh-ssh1 | — | Not affected | Not affected | Not affected | Not affected |
An issue was discovered in OpenSSH before 8.9. If a client is using public-key authentication with agent forwarding but without -oLogLevel=verbose, and an attacker has silently modified the server to support the None...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | — | Not affected | Not affected | Not affected |
| openssh-ssh1 | — | — | Not affected | Not affected | Not affected |
Some fixes available 2 of 18
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | Not affected | Not affected | Not affected | Fixed | Vulnerable |
| openssh-ssh1 | Ignored | Ignored | Ignored | Ignored | Ignored |
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | — | Ignored | Ignored | Ignored |
| openssh-ssh1 | — | — | Ignored | Ignored | Ignored |
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | — | — | Fixed | Not affected |
| openssh-ssh1 | — | — | — | Not affected | Not affected |
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has stated that they intentionally omit...
2 affected packages
openssh, openssh-ssh1
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| openssh | — | — | — | Ignored | Ignored |
| openssh-ssh1 | — | — | — | Ignored | Ignored |