Remote command execution In openssh
Description
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version | Patched versions |
|---|---|---|---|
 debian 11 | =1:8.4p1-5 || =1:8.4p1-5+deb11u1 || =1:8.4p1-5+deb11u2 || =1:8.4p1-5+deb11u3 || =1:8.4p1-5+deb11u4 || =1:8.4p1-5+deb11u5 || =1:8.4p1-5+deb11u6 || >=0 <1:8.4p1-5+deb11u7 | 1:8.4p1-5+deb11u7 | |
debian 12 | =1:9.2p1-2 || =1:9.2p1-2+deb12u1 || =1:9.2p1-2+deb12u2 || =1:9.2p1-2+deb12u3 || =1:9.2p1-2+deb12u4 || =1:9.2p1-2+deb12u5 || =1:9.2p1-2+deb12u6 || =1:9.2p1-2+deb12u7 || >=0 <1:9.2p1-2+deb12u8 | 1:9.2p1-2+deb12u8 | |
debian 13 | =1:10.0p1-7 || >=0 <1:10.0p1-7+deb13u1 | 1:10.0p1-7+deb13u1 | |
debian 14 | =1:10.0p1-7 || =1:10.0p1-8 || >=0 <1:10.1p1-1 | 1:10.1p1-1 | |
 alpine v3.22 | =10.0_p1-r0 || =10.0_p1-r1 || =10.0_p1-r2 || =10.0_p1-r3 || =10.0_p1-r4 || =10.0_p1-r5 || =10.0_p1-r6 || =10.0_p1-r7 || =10.0_p1-r8 || =10.0_p1-r9 || =5.1_p1-r1 || =5.1_p1-r2 || =5.1p1-r0 || =5.2_p1-r0 || =5.2_p1-r1 || =5.2_p1-r2 || =5.2_p1-r3 || =5.3_p1-r3 || =5.4_p1-r0 || =5.4_p1-r1 || =5.4_p1-r2 || =5.4_p1-r3 || =5.5_p1-r0 || =5.6_p1-r0 || =5.6_p1-r1 || =5.8_p1-r0 || =5.8_p1-r1 || =5.8_p1-r2 || =5.8_p2-r0 || =5.8_p2-r1 || =5.8_p2-r2 || =5.9_p1-r0 || =5.9_p1-r1 || =5.9_p1-r2 || =6.0_p1-r0 || =6.1_p1-r0 || =6.1_p1-r1 || =6.1_p1-r2 || =6.2_p1-r0 || =6.2_p2-r0 || =6.2_p2-r1 || =6.2_p2-r2 || =6.3_p1-r0 || =6.3_p1-r1 || =6.3_p1-r2 || =6.4_p1-r0 || =6.4_p1-r1 || =6.6_p1-r0 || =6.6_p1-r1 || =6.6_p1-r2 || =6.6_p1-r3 || =6.6_p1-r4 || =6.6_p1-r5 || =6.6_p1-r6 || =6.7_p1-r0 || =6.8_p1-r0 || =6.8_p1-r1 || =6.8_p1-r2 || =6.9_p1-r0 || =6.9_p1-r1 || =6.9_p1-r2 || =6.9_p1-r3 || =6.9_p1-r4 || =6.9_p1-r5 || =7.1_p1-r0 || =7.1_p1-r1 || =7.1_p2-r0 || =7.2_p1-r0 || =7.2_p2-r0 || =7.2_p2-r1 || =7.3_p1-r0 || =7.3_p1-r1 || =7.3_p1-r2 || =7.4_p1-r0 || =7.4_p1-r1 || =7.4_p1-r2 || =7.5_p1-r0 || =7.5_p1-r1 || =7.5_p1-r2 || =7.5_p1-r3 || =7.5_p1-r4 || =7.5_p1-r5 || =7.5_p1-r6 || =7.5_p1-r7 || =7.5_p1-r8 || =7.6_p1-r0 || =7.6_p1-r1 || =7.7_p1-r0 || =7.7_p1-r1 || =7.7_p1-r2 || =7.7_p1-r3 || =7.7_p1-r4 || =7.8_p1-r0 || =7.9_p1-r0 || =7.9_p1-r1 || =7.9_p1-r2 || =7.9_p1-r3 || =7.9_p1-r4 || =7.9_p1-r5 || =8.0_p1-r0 || =8.0_p1-r1 || =8.0_p1-r2 || =8.1_p1-r0 || =8.2_p1-r0 || =8.3_p1-r0 || =8.4_p1-r0 || =8.4_p1-r1 || =8.4_p1-r2 || =8.4_p1-r3 || =8.5_p1-r0 || =8.5_p1-r1 || =8.5_p1-r2 || =8.6_p1-r0 || =8.6_p1-r1 || =8.6_p1-r2 || =8.6_p1-r3 || =8.6_p1-r4 || =8.8_p1-r0 || =8.8_p1-r1 || =8.8_p1-r2 || =8.8_p1-r3 || =8.8_p1-r4 || =8.9_p1-r0 || =9.0_p1-r0 || =9.0_p1-r1 || =9.0_p1-r2 || =9.0_p1-r3 || =9.0_p1-r4 || =9.1_p1-r0 || =9.1_p1-r1 || =9.2_p1-r0 || =9.2_p1-r1 || =9.2_p1-r2 || =9.2_p1-r3 || =9.2_p1-r4 || =9.3_p1-r0 || =9.3_p1-r1 || =9.3_p1-r2 || =9.3_p1-r3 || =9.3_p1-r4 || =9.3_p1-r5 || =9.3_p1-r6 || =9.3_p1-r7 || =9.3_p2-r0 || =9.3_p2-r1 || =9.3_p2-r2 || =9.4_p1-r0 || =9.5_p1-r0 || =9.6_p1-r0 || =9.7_p1-r0 || =9.7_p1-r1 || =9.7_p1-r2 || =9.7_p1-r3 || =9.8_p1-r0 || =9.8_p1-r1 || =9.9_p1-r0 || =9.9_p1-r1 || =9.9_p1-r2 || =9.9_p2-r0 || >=0 <10.0_p1-r10 | 10.0_p1-r10 | |
alpine v3.23 | =10.0_p1-r0 || =10.0_p1-r1 || =10.0_p1-r10 || =10.0_p1-r11 || =10.0_p1-r2 || =10.0_p1-r3 || =10.0_p1-r4 || =10.0_p1-r5 || =10.0_p1-r6 || =10.0_p1-r7 || =10.0_p1-r8 || =10.0_p1-r9 || =5.1_p1-r1 || =5.1_p1-r2 || =5.1p1-r0 || =5.2_p1-r0 || =5.2_p1-r1 || =5.2_p1-r2 || =5.2_p1-r3 || =5.3_p1-r3 || =5.4_p1-r0 || =5.4_p1-r1 || =5.4_p1-r2 || =5.4_p1-r3 || =5.5_p1-r0 || =5.6_p1-r0 || =5.6_p1-r1 || =5.8_p1-r0 || =5.8_p1-r1 || =5.8_p1-r2 || =5.8_p2-r0 || =5.8_p2-r1 || =5.8_p2-r2 || =5.9_p1-r0 || =5.9_p1-r1 || =5.9_p1-r2 || =6.0_p1-r0 || =6.1_p1-r0 || =6.1_p1-r1 || =6.1_p1-r2 || =6.2_p1-r0 || =6.2_p2-r0 || =6.2_p2-r1 || =6.2_p2-r2 || =6.3_p1-r0 || =6.3_p1-r1 || =6.3_p1-r2 || =6.4_p1-r0 || =6.4_p1-r1 || =6.6_p1-r0 || =6.6_p1-r1 || =6.6_p1-r2 || =6.6_p1-r3 || =6.6_p1-r4 || =6.6_p1-r5 || =6.6_p1-r6 || =6.7_p1-r0 || =6.8_p1-r0 || =6.8_p1-r1 || =6.8_p1-r2 || =6.9_p1-r0 || =6.9_p1-r1 || =6.9_p1-r2 || =6.9_p1-r3 || =6.9_p1-r4 || =6.9_p1-r5 || =7.1_p1-r0 || =7.1_p1-r1 || =7.1_p2-r0 || =7.2_p1-r0 || =7.2_p2-r0 || =7.2_p2-r1 || =7.3_p1-r0 || =7.3_p1-r1 || =7.3_p1-r2 || =7.4_p1-r0 || =7.4_p1-r1 || =7.4_p1-r2 || =7.5_p1-r0 || =7.5_p1-r1 || =7.5_p1-r2 || =7.5_p1-r3 || =7.5_p1-r4 || =7.5_p1-r5 || =7.5_p1-r6 || =7.5_p1-r7 || =7.5_p1-r8 || =7.6_p1-r0 || =7.6_p1-r1 || =7.7_p1-r0 || =7.7_p1-r1 || =7.7_p1-r2 || =7.7_p1-r3 || =7.7_p1-r4 || =7.8_p1-r0 || =7.9_p1-r0 || =7.9_p1-r1 || =7.9_p1-r2 || =7.9_p1-r3 || =7.9_p1-r4 || =7.9_p1-r5 || =8.0_p1-r0 || =8.0_p1-r1 || =8.0_p1-r2 || =8.1_p1-r0 || =8.2_p1-r0 || =8.3_p1-r0 || =8.4_p1-r0 || =8.4_p1-r1 || =8.4_p1-r2 || =8.4_p1-r3 || =8.5_p1-r0 || =8.5_p1-r1 || =8.5_p1-r2 || =8.6_p1-r0 || =8.6_p1-r1 || =8.6_p1-r2 || =8.6_p1-r3 || =8.6_p1-r4 || =8.8_p1-r0 || =8.8_p1-r1 || =8.8_p1-r2 || =8.8_p1-r3 || =8.8_p1-r4 || =8.9_p1-r0 || =9.0_p1-r0 || =9.0_p1-r1 || =9.0_p1-r2 || =9.0_p1-r3 || =9.0_p1-r4 || =9.1_p1-r0 || =9.1_p1-r1 || =9.2_p1-r0 || =9.2_p1-r1 || =9.2_p1-r2 || =9.2_p1-r3 || =9.2_p1-r4 || =9.3_p1-r0 || =9.3_p1-r1 || =9.3_p1-r2 || =9.3_p1-r3 || =9.3_p1-r4 || =9.3_p1-r5 || =9.3_p1-r6 || =9.3_p1-r7 || =9.3_p2-r0 || =9.3_p2-r1 || =9.3_p2-r2 || =9.4_p1-r0 || =9.5_p1-r0 || =9.6_p1-r0 || =9.7_p1-r0 || =9.7_p1-r1 || =9.7_p1-r2 || =9.7_p1-r3 || =9.8_p1-r0 || =9.8_p1-r1 || =9.9_p1-r0 || =9.9_p1-r1 || =9.9_p1-r2 || =9.9_p2-r0 || >=0 <10.1_p1-r0 | 10.1_p1-r0 | |
 rpm rhel9 | <0:8.7p1-47.el9_7 | 0:8.7p1-47.el9_7 | |
rpm rhel10.0 | <0:9.9p1-7.el10_0.1 | 0:9.9p1-7.el10_0.1 | |
rpm rhel9.6 | <0:8.7p1-45.el9_6.1 | 0:8.7p1-45.el9_6.1 | |
rpm rhel10 | <0:9.9p1-12.el10_1 | 0:9.9p1-12.el10_1 |
1-10 of 14
10
Does your application use this vulnerable software?
During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.