CVE-2025-32728

Опубликовано: 10 апр. 2025

Источник: nvd

CVSS3: 4.3

CVSS3: 3.8

EPSS Низкий

Описание

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

Ссылки

https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig
Product
https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367
Patch
https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html
Mailing List
Product
Release Notes
https://www.openssh.com/txt/release-10.0
Release Notes
https://www.openssh.com/txt/release-7.4
Release Notes
https://lists.debian.org/debian-lts-announce/2025/05/msg00008.html
Mailing List
Third Party Advisory
https://security.netapp.com/advisory/ntap-20250425-0002/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*

Версия от 7.4 (включая) до 10.0 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00027

Низкий

4.3 Medium

CVSS3

3.8 Low

CVSS3

Дефекты

CWE-440

NVD-CWE-noinfo

Связанные уязвимости

CVE-2025-32728

CVSS3: 4.3

ubuntu

2 месяца назад

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

CVE-2025-32728

CVSS3: 4.3

redhat

2 месяца назад

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

CVE-2025-32728

CVSS3: 3.8

msrc

около 2 месяцев назад

Описание отсутствует

CVE-2025-32728

CVSS3: 4.3

debian

2 месяца назад

In sshd in OpenSSH before 10.0, the DisableForwarding directive does n ...

SUSE-SU-2025:1576-1

suse-cvrf

около 1 месяца назад

Security update for openssh

EPSS

Процентиль: 6%

0.00027

Низкий

4.3 Medium

CVSS3

3.8 Low

CVSS3

Дефекты

CWE-440

NVD-CWE-noinfo