Advisory ROSA-SA-2025-3076

Software: openssh 8.0p1 OS: ROSA Virtualization 3.0 unaffected versions = openssh-8.0p1-26.0.2.2.rv30 affected versions openssh-8.0p1-26.0.2.2.rv30 CVE-ID: CVE-2020-15778 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the toremote scp.c function of the OpenSSH cryptographic security tool...

EUVD-2025-10504

Malicious code in bioql PyPI...

EulerOS 2.0 SP11 : openssh (EulerOS-SA-2025-1937)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent...

EulerOS 2.0 SP10 : openssh (EulerOS-SA-2025-1784)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent...

Medium: openssh

Issue Overview: In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. CVE-2025-32728 Affected Packages: openssh Issue Correction: Run dnf update openssh --releasever 2023.7.20250623 to update your...

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2025-1038)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1038 advisory. In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. CVE-2025-32728 Tenable has extracted the precedin...

Amazon Linux 2 : openssh (ALAS-2025-2881)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2881 advisory. In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11...

AIX is vulnerable to an expected behavior violation (CVE-2025-32728) due to OpenSSH

IBM SECURITY ADVISORY First Issued: Tue Jun 10 08:33:35 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/opensshadvisory19.asc Security Bulletin: AIX is vulnerable to an expected behavior violation CVE-2025-32728 due to OpenSSH...

Mageia: Security Advisory (MGASA-2025-0157)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-20250430-15

Vulnerability of sshd service of OpenSSH cryptographic protection tool is related to inconsistency with the functionality of the DisableForwarding directive stated in the DisableForwarding directive functionality stated in the documentation. Exploitation of the vulnerability could allow an intrud...

CBL Mariner 2.0 Security Update: openssh (CVE-2025-32728)

The version of openssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32728 advisory. - In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation statin...

USN-7457-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding, contrary to documentation and expectations...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : OpenSSH vulnerability (USN-7457-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7457-1 advisory. It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X1...

CVE-2025-32728

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...

CVE-2025-32728

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...

CVE-2025-32728

CVE-2025-32728 affects OpenSSH sshd prior to 10.0: the DisableForwarding directive does not fully disable X11 and agent forwarding as documented, potentially enabling unintended access under certain configurations. Multiple advisories indicate OpenSSH vulnerabilities across platforms (AIX, Amazon...

PT-2025-15885

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 10.0 Description: The issue arises from the DisableForwarding directive in sshd not following its documentation. Specifically, it does not properly disable X11 and agent forwarding as stated. Recommendations: For...