Описание
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 1:9.6p1-3ubuntu1 |
| esm-infra-legacy/trusty | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| fips-preview/jammy | released | 1:8.9p1-3ubuntu0.6 |
| fips-updates/bionic | not-affected | code not present |
| fips-updates/focal | not-affected | code not present |
| fips-updates/jammy | released | 1:8.9p1-3ubuntu0.6 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | ignored | |
| esm-apps/bionic | ignored | |
| esm-apps/focal | ignored | |
| esm-apps/jammy | ignored | |
| esm-apps/noble | ignored | |
| focal | ignored | |
| jammy | ignored | |
| lunar | ignored | end of life, was needs-triage |
| mantic | ignored | end of life, was needs-triage |
Показывать по
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
In ssh-agent in OpenSSH before 9.6, certain destination constraints ca ...
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
EPSS
5.5 Medium
CVSS3