Lucene search
K

21 matches found

RedHat Linux
RedHat Linux
added 2026/06/03 5:6 a.m.13 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS5.9AI score0.00176EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/06/02 10:15 p.m.9 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS5.9AI score0.00176EPSS
Exploits0References7
Amazon
Amazon
added 2026/05/26 12:0 a.m.14 views

Medium: openssh

Issue Overview: OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. CVE-2026-35388 OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

8.1CVSS5.7AI score0.00176EPSS
Exploits0
OSV
OSV
added 2026/05/21 4:30 p.m.12 views

RLSA-2026:13380 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

7.5CVSS6.2AI score0.00419EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/05/19 6:37 p.m.7 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS6AI score0.00176EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/05/19 1:38 p.m.9 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS6AI score0.00176EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: openssh (UTSA-2026-016487)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016487 advisory. OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

8.1CVSS5.6AI score0.00176EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.6 views

Oracle Linux 8 : openssh (ELSA-2026-13383)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-13383 advisory. - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: RHEL-164743 - CVE-2026-35388: Add...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References6
OSV
OSV
added 2026/05/05 2:12 a.m.7 views

CLSA-2026-1777947165 Fix CVE(s): CVE-2026-35414

SECURITY UPDATE: authorizedkeys principals="" option mismatches certificate principals containing comma characters. - debian/patches/CVE-2026-35414.patch: rewrite matchprincipalsoption to split principallist with strsep and compare with strcmp. - CVE-2026-35414...

8.1CVSS5.8AI score0.00176EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/05/04 9:42 a.m.9 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS5.7AI score0.00176EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/30 4:40 p.m.25 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

A flaw was found in OpenSSH. This vulnerability arises from the incorrect handling of the authorizedkeys principals option in uncommon scenarios. Specifically, when a principals list is used with a Certificate Authority that includes comma characters, OpenSSH may misinterpret the input. This coul...

8.1CVSS5.3AI score0.00176EPSS
Exploits0References7
OSV
OSV
added 2026/04/27 1:32 p.m.4 views

CLSA-2026-1777296725 Fix CVE(s): CVE-2026-35414

SECURITY UPDATE: mishandling of authorizedkeys principals option - debian/patches/CVE-2026-35414.patch: replace matchlist with xstrdup + strsep + exact strcmp in matchprincipalsoption in auth2-pubkey.c, so certificate principals containing embedded commas are no longer wrongly cross-matched. -...

8.1CVSS6AI score0.00176EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/04/04 8:2 a.m.8 views

OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

...

8.1CVSS6AI score0.00176EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/03 11:24 p.m.5 views

SUSE CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

4.2CVSS5.7AI score0.00176EPSS
Exploits0References22
EUVD
EUVD
added 2026/04/02 6:31 p.m.4 views

EUVD-2026-18480

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

4.2CVSS5.8AI score0.00176EPSS
Exploits0References4
OSV
OSV
added 2026/04/02 6:16 p.m.8 views

DEBIAN-CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

8.1CVSS5AI score0.00176EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/02 6:16 p.m.10 views

CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

8.1CVSS5.8AI score0.00176EPSS
Exploits0References3
OSV
OSV
added 2026/04/02 6:16 p.m.4 views

UBUNTU-CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

8.1CVSS5.7AI score0.00176EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/02 5:8 p.m.47 views

CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

4.2CVSS5.8AI score0.00176EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/04/02 5:8 p.m.9 views

CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

8.1CVSS5.8AI score0.00176EPSS
Exploits0References3
Rows per page
Query Builder