Lucene search
K

29 matches found

NVD
NVD
added 2026/05/22 4:16 a.m.28 views

CVE-2026-39832

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

9.1CVSS0.00338EPSS
Exploits0References7
OSV
OSV
added 2026/04/09 9:32 p.m.4 views

JLSEC-2026-69

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS7.1AI score0.00426EPSS
Exploits0References14
F5 Networks
F5 Networks
added 2024/03/05 6:54 p.m.84 views

K000138825: OpenSSH vulnerability CVE-2023-51384

Security Advisory Description In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token...

5.5CVSS6.8AI score0.00426EPSS
Exploits0
Veracode
Veracode
added 2024/01/30 5:7 p.m.53 views

Improper Authentication

OpenSSH is vulnerable to Improper Authentication. The vulnerability is due to destination constraints being incompletely applied due to their limitation to the first key when a PKCS11 token returns multiple keys, even though these constraints are specified during the addition of PKCS11-hosted...

5.5CVSS7AI score0.00426EPSS
Exploits0References8Affected Software1
OpenVAS
OpenVAS
added 2024/01/15 12:0 a.m.43 views

Mageia: Security Advisory (MGASA-2024-0010)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.93305EPSS
Exploits21References11
Microsoft CVE
Microsoft CVE
added 2023/12/25 8:0 a.m.2 views

In ssh-agent in OpenSSH before 9.6 certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys these constraints are only applied to the first key even if a PKCS#11 token returns multiple keys.

...

5.5CVSS6.9AI score0.00426EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/12/20 2:6 a.m.4 views

SUSE CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS6.9AI score0.00426EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2023/12/20 12:0 a.m.113 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS6.8AI score0.00426EPSS
Exploits0References4
OSV
OSV
added 2023/12/20 12:0 a.m.2 views

UBUNTU-CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS6.8AI score0.00426EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2023/12/20 12:0 a.m.63 views

OpenBSD OpenSSH < 9.6 Multiple Vulnerabilities (Terrapin Attack)

OpenBSD OpenSSH is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...

6.5CVSS8.2AI score0.93305EPSS
Exploits11References4
OpenVAS
OpenVAS
added 2023/12/20 12:0 a.m.61 views

Ubuntu: Security Advisory (USN-6560-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.7AI score0.93305EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2023/12/19 9:35 p.m.217 views

CVE-2023-51384

A flaw was found in OpenSSH. When specifying destination constraints while adding PKCS11-hosted private keys, the constraints only apply to the first key even in cases where the token returns multiple keys. Mitigation Mitigation for this issue is either not available or the currently available...

5.5CVSS6.7AI score0.00426EPSS
Exploits0References3
OSV
OSV
added 2023/12/18 7:15 p.m.3 views

DEBIAN-CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS6.6AI score0.00426EPSS
Exploits0References1
NVD
NVD
added 2023/12/18 7:15 p.m.35 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS0.00426EPSS
Exploits0References10
OSV
OSV
added 2023/12/18 7:15 p.m.5 views

AZL-32205 CVE-2023-51384 affecting package openssh for versions less than 8.9p1-3

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS6.7AI score0.00426EPSS
Exploits0References1
OSV
OSV
added 2023/12/18 7:15 p.m.8 views

AZL-35081 CVE-2023-51384 affecting package openssh for versions less than 9.7p1-1

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS6.7AI score0.00426EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/12/18 7:15 p.m.4 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS5.8AI score0.00426EPSS
Exploits0References8
OSV
OSV
added 2023/12/18 7:15 p.m.49 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS5.4AI score
Exploits0References7
Prion
Prion
added 2023/12/18 7:15 p.m.129 views

Code injection

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

1.7CVSS6.8AI score0.00426EPSS
Exploits0References7Affected Software1
AlpineLinux
AlpineLinux
added 2023/12/18 12:0 a.m.38 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

5.5CVSS7AI score0.00426EPSS
Exploits0
Rows per page
Query Builder