golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

AlmaLinux 9 : buildah (ALSA-2026:0437)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0437 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the preceding...

Oracle Linux 8 : container-tools:ol8 (ELSA-2026-0753)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0753 advisory. - fixes 'CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS rhel-8.10.z' - rebuild...

Fedora: Security Advisory (FEDORA-2026-79f923d917)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockyLinux 8 : container-tools:rhel8 (RLSA-2026:0753)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0753 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the precedin...

MiracleLinux 4 : openssh-5.3p1-122.AXS4 (AXSA:2017-1374:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1374:01 advisory. SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure...

RHEL 8 : container-tools:rhel8 (RHSA-2026:0753)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0753 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes:...

FreeBSD : oauth2-proxy -- multiple vulnerabilities (fb561db9-0fc1-4d92-81a2-ee01839c9119)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fb561db9-0fc1-4d92-81a2-ee01839c9119 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number...

ALSA-2026:0753 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 For more details about the security...

AlmaLinux 10 : podman (ALSA-2026:0545)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0545 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the precedin...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2021-2220:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2220:01 advisory. golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference CVE-2020-29652 podman: Remote traffic to rootless containers ...

AlmaLinux 9 : podman (ALSA-2026:0470)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0470 advisory. golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSHAGENTSUCCESS CVE-2025-47913 Tenable has extracted the preceding...

CVE-2025-15079

When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...

openSUSE 16 Security Update : erlang (openSUSE-SU-2026:20043-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20043-1 advisory. Update the ssh component to the latest in the maint-27 branch. Security issues fixed: - CVE-2025-48040: ssh: overly tolerant handling of data...

podman security update

An update is available for podman. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The podman tool manages pods, container images, and containers. It is part of...

Security update for erlang (moderate)

openSUSE security update: security update for erlang ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20043-1 Rating: moderate References: bsc1249469 bsc1249470 bsc1249472 Cross-References: CVE-2025-48038 CVE-2025-48039 CVE-2025-48040 CVSS scores:...

RHSA-2026:0693 Red Hat Security Advisory: openssh security update

Bulletin has no description...

MiracleLinux 7 : libssh2-1.8.0-3.el7 (AXSA:2019-4034:04)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4034:04 advisory. libssh2: Zero-byte allocation with a specially crafted SFTP packed leading to an out-of-bounds read CVE-2019-3858 libssh2: Out-of-bounds reads with...

MiracleLinux 4 : libssh2-1.4.2-3.AXS4.1 (AXSA:2019-3922:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-3922:01 advisory. libssh2: Integer overflow in transport read resulting in out of bounds write CVE-2019-3855 libssh2: Integer overflow in keyboard interactive handlin...

oauth2-proxy -- multiple vulnerabilities

Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can...