2 matches found
GHSA-G794-3FMP-753H AsyncSSH `AuthorizedKeysFile %u` path traversal allows attacker-selected authorized keys to authenticate a traversal username
Summary AsyncSSH 2.22.0 expands the OpenSSH-compatible AuthorizedKeysFile %u token with the raw SSH username during pre-authentication server config reload. A server configured with a documented per-user key pattern such as AuthorizedKeysFile authorizedkeys/%u can be made to read an authorized-ke...
Security update for python-Django (important)
openSUSE Security Update: Security update for python-Django Announcement ID: openSUSE-SU-2024:0251-1 Rating: important References: 1207565 1227590 1227593 1227594 1227595 Cross-References: CVE-2023-23969 CVE-2024-38875 CVE-2024-39329 CVE-2024-39330 CVE-2024-39614 CVSS scores: CVE-2023-23969 NVD :...