CVE-2025-66406 Improper Authorization Check for SSH Certificate Revocation

Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0...

step-ca Has Improper Authorization Check for SSH Certificate Revocation

Summary An authorized attacker can bypass authorization checks and revoke any SSH certificate issued by Step CA by using a valid revocation token. Details Step CA users can obtain SSH certificates from a few provisioners. The SSHPOP provisioner allows revocation of the SSH certificate preventing...

ROS-20251203-10

Vulnerability of parse.ParseUnverified function of golang-jwt web token library of Go programming language is related to uncontrolled resource consumption. Go programming language is related to uncontrolled resource consumption. Exploitation of the vulnerability allows an attacker acting remotely...

Oracle Linux 10 : ELSA-2025-20126-0: / openssh (ELSA-2025-201260)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-201260 advisory. - CVE-2025-32728: Fix logic error in DisableForwarding option Resolves: RHEL-86819 Tenable has extracted the preceding description block directly from the...

CVE-2025-13809

A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...

CVE-2025-13809

Summary: CVE-2025-13809 affects orionsec orion-ops (SSH Connection Handler) via the MachineInfoController, where manipulating arguments host/sshPort/username/password/authType can trigger server-side request forgery. The vulnerability is described across multiple sources as exploitable from remot...

CVE-2025-13809 orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery

A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...

CVE-2025-13809 orionsec orion-ops SSH Connection MachineInfoController.java server-side request forgery

A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...

PT-2025-48413

A vulnerability has been found in orionsec orion-ops up to 5925824997a3109651bbde07460958a7be249ed1. Affected by this issue is some unknown functionality of the file orion-ops-api/orion-ops-web/src/main/java/cn/orionsec/ops/controller/MachineInfoController.java of the component SSH Connection...

Security update for openssh (moderate)

openSUSE security update: security update for openssh ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20122-1 Rating: moderate References: bsc1251198 bsc1251199 Cross-References: CVE-2025-61984 CVE-2025-61985 CVSS scores: CVE-2025-61984 SUSE : 5.3...

CVE-2025-47914

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...

RLSA-2025:18286 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: out-of-bounds read in sftphandle CVE-2025-5318 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

OPENSUSE-SU-2025:20122-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used bsc1251198. - CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...

SUSE-SU-2025:21161-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used bsc1251198. - CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...

SUSE-SU-2025:21128-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used bsc1251198. - CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

RLSA-2025:21977 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Incorrect Return Code Handling in sshkdf in libssh CVE-2025-5372 For more details about the security issues, including the impact, a CVSS score,...

SUSE-SU-2025:4185-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a key listing or signing request bsc1253542...

Security update for act (important)

openSUSE Security Update: Security update for act Announcement ID: openSUSE-SU-2025:0437-1 Rating: important References: 1253608 Cross-References: CVE-2025-47913 CVSS scores: CVE-2025-47913 SUSE: 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N Affected Products: openSUSE...

SUSE SLES15 Security Update : podman (SUSE-SU-2025:4156-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4156-1 advisory. - CVE-2025-47913: golang.org/x/crypto/ssh/agent: Fixed client process termination when receiving an unexpected message type in response to a...