Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38408 | 2 Fedoraproject, Openbsd | 2 Fedora, Openssh | 2023-12-22 | N/A | 9.8 CRITICAL |
| The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009. | |||||
| CVE-2023-28531 | 2 Netapp, Openbsd | 4 Brocade Fabric Operating System, Hci Bootstrap Os, Solidfire Element Os and 1 more | 2023-12-22 | N/A | 9.8 CRITICAL |
| ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. | |||||
| CVE-2016-1908 | 1 Openbsd | 1 Openssh | 2018-09-11 | 7.5 HIGH | 9.8 CRITICAL |
| The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server. | |||||