418 matches found
JLSEC-2026-64
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host...
JLSEC-2026-69
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...
Security update for keybase-client (important)
openSUSE Security Update: Security update for keybase-client Announcement ID: openSUSE-SU-2026:0117-1 Rating: important References: 1253563 1253864 1254023 Cross-References: CVE-2025-47913 CVE-2025-47914 CVE-2025-58181 CVSS scores: CVE-2025-47913 SUSE: 8.7...
SUSE-SU-2026:20949-1 Security update for docker-compose
This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...
SUSE-SU-2026:20976-1 Security update for docker-compose
This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...
OPENSUSE-SU-2026:20438-1 Security update for docker-compose
This update for docker-compose fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253584. - CVE-2025-47914: golang.org/x/crypto/ssh/agent: non validat...
Security Bulletin: Memory Safety Vulnerabilities in SSH Agents and Servers: Out-of-Bounds Read and Unbounded Memory Consumption, affects watsonx.data
Summary SSH Agent servers are vulnerable to out-of-bounds reads when processing malformed new identity requests, which can cause the agent to panic. Additionally, SSH servers handling GSSAPI authentication requests do not validate the number of mechanisms specified, potentially allowing attackers...
Important: Red Hat Security Advisory: podman security update
An update for podman is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : podman (RHSA-2026:5222)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5222 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
ROS-20260320-73-0007
A vulnerability in the ssh-agent library ssh-agent server for the Go crypto programming language involves reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
RHEL 10 : podman (RHSA-2026:5167)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5167 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
Important: Red Hat Security Advisory: container-tools:rhel8 security update
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
Oracle Linux 8 : container-tools:rhel8 (ELSA-2026-4672)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-4672 advisory. - rebuild for CVE-2025-68121 - rebuild for CVE-2025-61729 - fixes 'CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH...
RHEL 8 : container-tools:rhel8 (RHSA-2026:4693)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4693 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc:...
Security Bulletin: Unexpected SSH_AGENT_SUCCESS Response Causes Client Panic and Premature Termination in SSH Client, affects watsonx.data
Summary SH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. This can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response wi...
EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2026-1552)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that...
EulerOS 2.0 SP12 : curl (EulerOS-SA-2026-1386)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When doing multi-threaded LDAPS transfers LDAP over TLS with libcurl, changing TLS options in one thread would inadvertently change them globally an...
CLSA-2026-1773405202 curl: Fix of CVE-2025-15224
CVE-2025-15224: fix libssh public-key auth fallback to SSH agent...
RHEL 9 : buildah (RHSA-2026:4532)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:4532 advisory. The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a...
Important: Red Hat Security Advisory: buildah security update
An update for buildah is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...