GHSA-8gmf-r74v-362p

Опубликовано: 06 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 3.6

Описание

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

Ссылки

EPSS

Процентиль: 1%

0.00012

Низкий

3.6 Low

CVSS3

CVE ID

CVE-2025-61985

Дефекты

CWE-158

Связанные уязвимости

CVE-2025-61985

CVSS3: 3.6

ubuntu

11 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 3.6

nvd

11 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 4.5

msrc

9 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 3.6

debian

11 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, ...

BDU:2025-12566

CVSS3: 3.6

fstec

11 дней назад

Уязвимость компонента ProxyCommand средства криптографической защиты OpenSSH, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 1%

0.00012

Низкий

3.6 Low

CVSS3

CVE ID

CVE-2025-61985

Дефекты

CWE-158