CVE-2024-34713

sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are...

EUVD-2024-1670

Malicious code in bioql PyPI...

GO-2024-2836 sshproxy vulnerable to SSH option injection in github.com/cea-hpc/sshproxy

sshproxy vulnerable to SSH option injection in github.com/cea-hpc/sshproxy...

Command Injection

github.com/cea-hpc/sshproxy is vulnerable to Command Injection. The vulnerability is due to missing input santization when constructing the ssh command string, which allows an authorized user to inject options into the ssh command executed by sshproxy...

sshproxy vulnerable to SSH option injection

Impact Any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are impacted. Patches The problem is patched starting on version 1.6.3 Workarounds The only workaround is to use the forcecommand option in...

GHSA-JMQP-37M5-49WH sshproxy vulnerable to SSH option injection

Impact Any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are impacted. Patches The problem is patched starting on version 1.6.3 Workarounds The only workaround is to use the forcecommand option in...

CVE-2024-34713

sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are...

CVE-2024-34713 sshproxy vulnerable to SSH option injection

sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are...

CVE-2024-34713 sshproxy vulnerable to SSH option injection

sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are...

CVE-2024-34713

Summary : The vulnerability affects sshproxy, used to transparently proxy SSH connections through a gateway. Before version 1.6.3, any user authorized to connect to an SSH server via sshproxy could inject options into the ssh command executed by sshproxy; all versions are impacted. The issue is m...

sshproxy 命令注入漏洞

sshproxy is an open source proxy program from cea-hpc. A command injection vulnerability exists in sshproxy versions prior to 1.6.3, which stems from the presence of SSH command injection...