36 matches found
[SECURITY] Fedora 44 Update: opkssh-0.13.0-8.fc44
OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect allowing SSH access to be managed via identities like aliceaexample.com ins tead of long-lived SSH keys...
[SECURITY] Fedora 42 Update: opkssh-0.13.0-8.fc42
OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect allowing SSH access to be managed via identities like aliceaexample.com ins tead of long-lived SSH keys...
Linux Distros Unpatched Vulnerability : CVE-2025-4658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH...
EUVD-2025-14478
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-3757
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. CVE-2025-375...
SUSE CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
SUSE CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
GO-2025-3679 OpenPubkey Vulnerable to Authentication Bypass in github.com/openpubkey/openpubkey
OpenPubkey Vulnerable to Authentication Bypass in github.com/openpubkey/openpubkey...
CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
Signature Verification Bypass
github.com/openpubkey/opkssh is vulnerable to Signature Verification Bypass. The vulnerability is due to improper verification of JWS structure and signature data caused by incorrect implementation of the JWS signature verification logic, allows an attacker to bypass authentication mechanisms in...
OPKSSH Vulnerable to Authentication Bypass
Impact Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5....
GHSA-56WX-66PX-9J66 OPKSSH Vulnerable to Authentication Bypass
Impact Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5....
GHSA-537F-GXGM-3JJQ OpenPubkey Vulnerable to Authentication Bypass
Impact Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. Patches Upgrade to v0.10.0 or greater. This vulnerability is not present in versions of OpenPubkey after v0.9.0. References CVE-2025-3757...
OpenPubkey Vulnerable to Authentication Bypass
Impact Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. Patches Upgrade to v0.10.0 or greater. This vulnerability is not present in versions of OpenPubkey after v0.9.0. References CVE-2025-3757...
DEBIAN-CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-4658
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for authentication, this vulnerability in OpenPubkey also applies to OPKSSH versions prior to 0.5.0 and...
CVE-2025-3757
Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification...