2 matches found
Amazon Linux 2 : openssh (ALAS-2025-2881)
The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2881 advisory. In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11...
Important: openssh
Issue Overview: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into...