2 matches found
golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: Security bypass due to improper handling of key restrictions
A flaw was found in golang.org/x/crypto/ssh/agent. When a key was added to a remote agent, security restrictions, known as constraint extensions, were not properly processed during the request. This allowed these restrictions to be silently removed when keys were forwarded, leading to the...
CVE-2025-47913
CVE-2025-47913: SSH clients panic when receiving SSH_AGENT_SUCCESS, causing early client termination. CVSS v3.1 base 7.5 (HIGH). Connected IBM advisories confirm the issue affects IBM Storage Scale (5.2.3.0–5.2.3.5, fixed in 5.2.3.6) and IBM Storage Scale 6.0.0.0 (fixed in 6.0.0.1), with remediat...