Описание
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | not-affected | 0.10.6-2 |
| esm-infra/bionic | released | 0.8.0~20170825.94fa1e38-1ubuntu0.7+esm3 |
| esm-infra/focal | released | 0.9.3-2ubuntu2.5 |
| esm-infra/xenial | released | 0.6.3-4.3ubuntu0.6+esm1 |
| focal | released | 0.9.3-2ubuntu2.5 |
| jammy | released | 0.9.6-2ubuntu0.22.04.3 |
| lunar | released | 0.10.4-2ubuntu0.3 |
| mantic | released | 0.10.5-3ubuntu1.2 |
| trusty | ignored | end of standard support |
Показывать по
Ссылки на источники
EPSS
4.8 Medium
CVSS3
Связанные уязвимости
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump ...
A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.
EPSS
4.8 Medium
CVSS3