
22 matches found

OSV
added 4 days ago · 0 views

OPENSUSE-SU-2026:20851-1 Security update for putty

This update for putty fixes the following issues. Changes in putty: update to release 0.84. Fixed a remotely triggerable double-free in RSA key exchange. Fixed a remotely triggerable crash (assertion failure, program termination) in NIST ECDSA signature verification. Fixed marking of Telnet and...

AI score: 5.8 · Exploits: 0

CVE
added 2025/12/03 7:13 p.m. · 5 views

CVE-2025-66406

CVE-2025-66406 affects Step CA (github.com/smallstep/certificates). Before version 0.29.0, there is an improper authorization check for SSH certificate revocation, impacting deployments configured with the SSHPOP provisioner. The root cause is inadequate authorization on revocation requests; the ...

CVSS: 5 · AI score: 6.4 · EPSS: 0.00027 · Exploits: 0 · References: 1

GitHub Security Blog
added 2025/12/03 4:27 p.m. · 4 views

step-ca Has Improper Authorization Check for SSH Certificate Revocation

Summary: An authorized attacker can bypass authorization checks and revoke any SSH certificate issued by Step CA by using a valid revocation token. Details: Step CA users can obtain SSH certificates from a few provisioners. The SSHPOP provisioner allows revocation of the SSH certificate preventing...

CVSS: 5 · AI score: 6.4 · EPSS: 0.00027 · Exploits: 0 · References: 3 · Affected Software: 1

EUVD
added 2025/10/03 8:7 p.m. · 0 views

EUVD-2023-26860

Malicious code in bioql PyPI...

CVSS: 5.9 · AI score: 5.5 · EPSS: 0.00128 · Exploits: 0 · References: 8

EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2023-27847

Malicious code in bioql PyPI...

CVSS: 7.7 · AI score: 6.3 · EPSS: 0.00123 · Exploits: 0 · References: 5

Snyk
added 2025/06/16 5:16 p.m. · 1 views

Incorrect Authorization

Overview: github.com/gravitational/teleport/lib/client is a privileged access management tool. Affected versions of this package are vulnerable to Incorrect Authorization when validating SSH host certificate signatures. Due to a related issue in the processing of IsUserAuthority and IsHostAuthorit...

CVSS: 9.8 · AI score: 7 · EPSS: 0.15302 · Exploits: 0 · References: 2

Snyk
added 2025/06/16 5:16 p.m. · 1 views

Incorrect Authorization

Overview: Affected versions of this package are vulnerable to Incorrect Authorization when validating SSH host certificate signatures. Due to a related issue in the processing of IsUserAuthority and IsHostAuthority by x/crypto/ssh, an attacker can gain unauthorized access by providing a signed SSH...

CVSS: 9.8 · AI score: 7 · EPSS: 0.15302 · Exploits: 0 · References: 2

Tenable Nessus
added 2025/06/16 12:0 a.m. · 3 views

TencentOS Server 4: libgit2 (TSSA-2024:0586)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0586 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

CVSS: 5.9 · AI score: 5.7 · EPSS: 0.00128 · Exploits: 0 · References: 2

OSV
added 2025/04/25 3:11 p.m. · 5 views

GHSA-XGPC-Q899-67P8 Fleet doesn’t validate a server’s certificate when connecting through SSH

Impact: A vulnerability has been identified within Fleet where, by default, Fleet will automatically trust a remote server’s certificate when connecting through SSH if the certificate isn’t set in the known_hosts file. This could allow the execution of a man-in-the-middle (MitM) attack against Fleet...

CVSS: 6.3 · AI score: 7.1 · Exploits: 0 · References: 9

Positive Technologies
added 2025/04/25 12:0 a.m. · 1 views

PT-2025-19348 · Fleet · Fleet

Name of the Vulnerable Software and Affected Versions: Fleet versions prior to v0.10.12; Fleet versions prior to v0.11.7; Fleet versions prior to v0.12.2. Description: A vulnerability has been identified within Fleet where, by default, Fleet will automatically trust a remote server’s certificate whe...

CVSS: 6.3 · AI score: 6.5 · Exploits: 0 · References: 11

Veracode
added 2024/09/30 6:35 a.m. · 8 views

Incorrect Permission Assignment For Critical Resource

github.com/hashicorp/vault is vulnerable to Incorrect Permission Assignment for Critical Resource. The vulnerability is due to not requiring the valid_principals list to contain a value by default. An attacker could authenticate as any user on the host by using an SSH certificate requested by an...

CVSS: 8.8 · AI score: 7.4 · EPSS: 0.00603 · Exploits: 0 · References: 4 · Affected Software: 1

OSV
added 2024/09/26 9:31 p.m. · 6 views

GHSA-JG74-MWGW-V6X3 Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to...

CVSS: 7.7 · AI score: 7.4 · EPSS: 0.00603 · Exploits: 0 · References: 8

GitHub Security Blog
added 2024/09/26 9:31 p.m. · 14 views

Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to...

CVSS: 8.8 · AI score: 6.8 · EPSS: 0.00603 · Exploits: 0 · References: 8 · Affected Software: 2

Cvelist
added 2024/09/26 7:52 p.m. · 11 views

CVE-2024-7594 Vault SSH Secrets Engine Configuration Did Not Restrict Valid Principals By Default

Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to...

CVSS: 7.5 · EPSS: 0.00603 · Exploits: 0 · References: 1

OpenVAS
added 2024/09/10 12:0 a.m. · 9 views

Fedora: Security Advisory (FEDORA-2023-11f1c85512)

The remote host is missing an update for the...

CVSS: 7.5 · AI score: 7 · EPSS: 0.01168 · Exploits: 1 · References: 8

Positive Technologies
added 2024/07/08 12:0 a.m. · 4 views

PT-2024-37734 · /N · Ipworks Ssh

Name of the Vulnerable Software and Affected Versions: /n software IPWorks SSH versions prior to 22.0.8945; /n software IPWorks SSH versions prior to 24.0.8945. Description: The /n software IPWorks SSH library SFTPServer component can be induced to make unintended filesystem or network path request...

CVSS: 9.8 · AI score: 9.5 · EPSS: 0.89462 · Exploits: 3 · References: 6

OSV
added 2024/03/14 5:25 p.m. · 6 views

MGASA-2024-0059 Updated libgit2 packages fix security vulnerabilities

When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default (CVE-2023-22742). Using well-crafted inputs to git_index_add can cause heap corruption that could be leveraged for arbitrary code execution (CVE-2024-24577)...

CVSS: 9.8 · AI score: 8 · EPSS: 0.00376 · Exploits: 0 · References: 6

Prion
added 2023/04/07 7:15 p.m. · 19 views

Authentication flaw

An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to modify other users' secret gists by authenticating through an SSH certificate authority. To do so, a user had to know the secret gist's URL. This vulnerability affected all...

CVSS: 2.1 · AI score: 5.3 · EPSS: 0.00123 · Exploits: 0 · References: 5 · Affected Software: 1

Positive Technologies
added 2023/04/07 12:0 a.m. · 3 views

PT-2023-19186 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.9. Description: An improper authentication issue was identified that allowed unauthorized modification of other users' secret gists by authenticating through an SSH certificate authority, provided t...

CVSS: 7.7 · AI score: 5.9 · EPSS: 0.00123 · Exploits: 0 · References: 8

HackerOne
added 2021/04/27 7:40 p.m. · 15 views

Uber: pam_ussh does not properly validate the SSH certificate authority

The pam_ussh module that Uber open-sourced in https://github.com/uber/pam-ussh does not validate that the SSH certificate presented by a user is actually signed by a trusted CA listed in the configured ca_file...

AI score: 0.6 · Exploits: 0