GHSA-8gmf-r74v-362p

Опубликовано: 06 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 3.6

Описание

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

Ссылки

EPSS

Процентиль: 4%

0.00016

Низкий

3.6 Low

CVSS3

CVE ID

CVE-2025-61985

Дефекты

CWE-158

Связанные уязвимости

CVE-2025-61985

CVSS3: 3.6

ubuntu

6 месяцев назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 5.3

redhat

6 месяцев назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 3.6

nvd

6 месяцев назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 3.6

msrc

6 месяцев назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 3.6

debian

6 месяцев назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, ...

EPSS

Процентиль: 4%

0.00016

Низкий

3.6 Low

CVSS3

CVE ID

CVE-2025-61985

Дефекты

CWE-158