Lucene search
+L

6 matches found

RedHat Linux
RedHat Linux
added 2026/07/08 3:52 p.m.7 views

golang.org/x/crypto/ssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate...

8.8CVSS6.1AI score0.00314EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/25 10:14 p.m.12 views

EUVD-2026-31394

golang.org/x/crypto/ssh vulnerable to invoking bypass of certificate restrictions...

6.3CVSS5.8AI score0.00314EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.13 views

CVE-2026-39828

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate...

8.8CVSS5.4AI score0.00314EPSS
Exploits0References7
NVD
NVD
added 2026/05/22 4:16 a.m.14 views

CVE-2026-39828

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

8.8CVSS0.00314EPSS
Exploits0References37
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.91 views

CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

0.00314EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.17 views

PT-2026-42707

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An issue exists where an SSH server authentication callback returning PartialSuccessError with non-nil Permissions caused those permissions to be silently...

9.8CVSS5.8AI score0.00314EPSS
Exploits0
Rows per page
Query Builder