CVE-2025-61985

Опубликовано: 06 окт. 2025

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS3: 3.6

Описание

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

Релиз	Статус	Примечание
devel	needs-triage
esm-infra-legacy/trusty	needs-triage
esm-infra/bionic	needs-triage
esm-infra/focal	needs-triage
esm-infra/xenial	needs-triage
fips-preview/jammy	needs-triage
fips-updates/bionic	needs-triage
fips-updates/focal	needs-triage
fips-updates/jammy	needs-triage
fips-updates/xenial	needs-triage

Показывать по

Релиз	Статус	Примечание
devel	ignored
esm-apps/bionic	needs-triage
esm-apps/focal	ignored
esm-apps/jammy	ignored
esm-apps/noble	ignored
jammy	ignored
noble	ignored
plucky	ignored
questing	ignored
upstream	ignored	frozen on openssh 7.5p

Показывать по

Ссылки на источники

EPSS

Процентиль: 1%

0.00012

Низкий

3.6 Low

CVSS3

Связанные уязвимости

CVE-2025-61985

CVSS3: 3.6

nvd

10 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 4.5

msrc

9 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

CVE-2025-61985

CVSS3: 3.6

debian

10 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, ...

GHSA-8gmf-r74v-362p

CVSS3: 3.6

github

10 дней назад

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

BDU:2025-12566

CVSS3: 3.6

fstec

11 дней назад

Уязвимость компонента ProxyCommand средства криптографической защиты OpenSSH, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 1%

0.00012

Низкий

3.6 Low

CVSS3

CVE-2025-61985

Описание

Пакет openssh

Пакет openssh-ssh1

Ссылки на источники

Связанные уязвимости