Fluid Attacks Database

Description

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 12	openssh	=1:9.2p1-2 \|\| =1:9.2p1-2+deb12u1 \|\| =1:9.2p1-2+deb12u2 \|\| =1:9.2p1-2+deb12u3 \|\| =1:9.2p1-2+deb12u4 \|\| =1:9.2p1-2+deb12u5 \|\| >=0 <1:9.2p1-2+deb12u6	1:9.2p1-2+deb12u6
debian 11	openssh	=1:8.4p1-5 \|\| =1:8.4p1-5+deb11u1 \|\| =1:8.4p1-5+deb11u2 \|\| =1:8.4p1-5+deb11u3 \|\| =1:8.4p1-5+deb11u4 \|\| >=0 <1:8.4p1-5+deb11u5	1:8.4p1-5+deb11u5
debian 13	openssh	>=0 <1:10.0p1-1	1:10.0p1-1
debian 14	openssh	>=0 <1:10.0p1-1	1:10.0p1-1
alpine v3.23	openssh	=5.1_p1-r1 \|\| =5.1_p1-r2 \|\| =5.1p1-r0 \|\| =5.2_p1-r0 \|\| =5.2_p1-r1 \|\| =5.2_p1-r2 \|\| =5.2_p1-r3 \|\| =5.3_p1-r3 \|\| =5.4_p1-r0 \|\| =5.4_p1-r1 \|\| =5.4_p1-r2 \|\| =5.4_p1-r3 \|\| =5.5_p1-r0 \|\| =5.6_p1-r0 \|\| =5.6_p1-r1 \|\| =5.8_p1-r0 \|\| =5.8_p1-r1 \|\| =5.8_p1-r2 \|\| =5.8_p2-r0 \|\| =5.8_p2-r1 \|\| =5.8_p2-r2 \|\| =5.9_p1-r0 \|\| =5.9_p1-r1 \|\| =5.9_p1-r2 \|\| =6.0_p1-r0 \|\| =6.1_p1-r0 \|\| =6.1_p1-r1 \|\| =6.1_p1-r2 \|\| =6.2_p1-r0 \|\| =6.2_p2-r0 \|\| =6.2_p2-r1 \|\| =6.2_p2-r2 \|\| =6.3_p1-r0 \|\| =6.3_p1-r1 \|\| =6.3_p1-r2 \|\| =6.4_p1-r0 \|\| =6.4_p1-r1 \|\| =6.6_p1-r0 \|\| =6.6_p1-r1 \|\| =6.6_p1-r2 \|\| =6.6_p1-r3 \|\| =6.6_p1-r4 \|\| =6.6_p1-r5 \|\| =6.6_p1-r6 \|\| =6.7_p1-r0 \|\| =6.8_p1-r0 \|\| =6.8_p1-r1 \|\| =6.8_p1-r2 \|\| =6.9_p1-r0 \|\| =6.9_p1-r1 \|\| =6.9_p1-r2 \|\| =6.9_p1-r3 \|\| =6.9_p1-r4 \|\| =6.9_p1-r5 \|\| =7.1_p1-r0 \|\| =7.1_p1-r1 \|\| =7.1_p2-r0 \|\| =7.2_p1-r0 \|\| =7.2_p2-r0 \|\| =7.2_p2-r1 \|\| =7.3_p1-r0 \|\| =7.3_p1-r1 \|\| =7.3_p1-r2 \|\| =7.4_p1-r0 \|\| =7.4_p1-r1 \|\| =7.4_p1-r2 \|\| =7.5_p1-r0 \|\| =7.5_p1-r1 \|\| =7.5_p1-r2 \|\| =7.5_p1-r3 \|\| =7.5_p1-r4 \|\| =7.5_p1-r5 \|\| =7.5_p1-r6 \|\| =7.5_p1-r7 \|\| =7.5_p1-r8 \|\| =7.6_p1-r0 \|\| =7.6_p1-r1 \|\| =7.7_p1-r0 \|\| =7.7_p1-r1 \|\| =7.7_p1-r2 \|\| =7.7_p1-r3 \|\| =7.7_p1-r4 \|\| =7.8_p1-r0 \|\| =7.9_p1-r0 \|\| =7.9_p1-r1 \|\| =7.9_p1-r2 \|\| =7.9_p1-r3 \|\| =7.9_p1-r4 \|\| =7.9_p1-r5 \|\| =8.0_p1-r0 \|\| =8.0_p1-r1 \|\| =8.0_p1-r2 \|\| =8.1_p1-r0 \|\| =8.2_p1-r0 \|\| =8.3_p1-r0 \|\| =8.4_p1-r0 \|\| =8.4_p1-r1 \|\| =8.4_p1-r2 \|\| =8.4_p1-r3 \|\| =8.5_p1-r0 \|\| =8.5_p1-r1 \|\| =8.5_p1-r2 \|\| =8.6_p1-r0 \|\| =8.6_p1-r1 \|\| =8.6_p1-r2 \|\| =8.6_p1-r3 \|\| =8.6_p1-r4 \|\| =8.8_p1-r0 \|\| =8.8_p1-r1 \|\| =8.8_p1-r2 \|\| =8.8_p1-r3 \|\| =8.8_p1-r4 \|\| =8.9_p1-r0 \|\| =9.0_p1-r0 \|\| =9.0_p1-r1 \|\| =9.0_p1-r2 \|\| =9.0_p1-r3 \|\| =9.0_p1-r4 \|\| =9.1_p1-r0 \|\| =9.1_p1-r1 \|\| =9.2_p1-r0 \|\| =9.2_p1-r1 \|\| =9.2_p1-r2 \|\| =9.2_p1-r3 \|\| =9.2_p1-r4 \|\| =9.3_p1-r0 \|\| =9.3_p1-r1 \|\| =9.3_p1-r2 \|\| =9.3_p1-r3 \|\| =9.3_p1-r4 \|\| =9.3_p1-r5 \|\| =9.3_p1-r6 \|\| =9.3_p1-r7 \|\| =9.3_p2-r0 \|\| =9.3_p2-r1 \|\| =9.3_p2-r2 \|\| =9.4_p1-r0 \|\| =9.5_p1-r0 \|\| =9.6_p1-r0 \|\| =9.7_p1-r0 \|\| =9.7_p1-r1 \|\| =9.7_p1-r2 \|\| =9.7_p1-r3 \|\| =9.8_p1-r0 \|\| =9.8_p1-r1 \|\| =9.9_p1-r0 \|\| =9.9_p1-r1 \|\| =9.9_p1-r2 \|\| =9.9_p2-r0 \|\| >=0 <10.0_p1-r0	10.0_p1-r0
alpine v3.22	openssh	=5.1_p1-r1 \|\| =5.1_p1-r2 \|\| =5.1p1-r0 \|\| =5.2_p1-r0 \|\| =5.2_p1-r1 \|\| =5.2_p1-r2 \|\| =5.2_p1-r3 \|\| =5.3_p1-r3 \|\| =5.4_p1-r0 \|\| =5.4_p1-r1 \|\| =5.4_p1-r2 \|\| =5.4_p1-r3 \|\| =5.5_p1-r0 \|\| =5.6_p1-r0 \|\| =5.6_p1-r1 \|\| =5.8_p1-r0 \|\| =5.8_p1-r1 \|\| =5.8_p1-r2 \|\| =5.8_p2-r0 \|\| =5.8_p2-r1 \|\| =5.8_p2-r2 \|\| =5.9_p1-r0 \|\| =5.9_p1-r1 \|\| =5.9_p1-r2 \|\| =6.0_p1-r0 \|\| =6.1_p1-r0 \|\| =6.1_p1-r1 \|\| =6.1_p1-r2 \|\| =6.2_p1-r0 \|\| =6.2_p2-r0 \|\| =6.2_p2-r1 \|\| =6.2_p2-r2 \|\| =6.3_p1-r0 \|\| =6.3_p1-r1 \|\| =6.3_p1-r2 \|\| =6.4_p1-r0 \|\| =6.4_p1-r1 \|\| =6.6_p1-r0 \|\| =6.6_p1-r1 \|\| =6.6_p1-r2 \|\| =6.6_p1-r3 \|\| =6.6_p1-r4 \|\| =6.6_p1-r5 \|\| =6.6_p1-r6 \|\| =6.7_p1-r0 \|\| =6.8_p1-r0 \|\| =6.8_p1-r1 \|\| =6.8_p1-r2 \|\| =6.9_p1-r0 \|\| =6.9_p1-r1 \|\| =6.9_p1-r2 \|\| =6.9_p1-r3 \|\| =6.9_p1-r4 \|\| =6.9_p1-r5 \|\| =7.1_p1-r0 \|\| =7.1_p1-r1 \|\| =7.1_p2-r0 \|\| =7.2_p1-r0 \|\| =7.2_p2-r0 \|\| =7.2_p2-r1 \|\| =7.3_p1-r0 \|\| =7.3_p1-r1 \|\| =7.3_p1-r2 \|\| =7.4_p1-r0 \|\| =7.4_p1-r1 \|\| =7.4_p1-r2 \|\| =7.5_p1-r0 \|\| =7.5_p1-r1 \|\| =7.5_p1-r2 \|\| =7.5_p1-r3 \|\| =7.5_p1-r4 \|\| =7.5_p1-r5 \|\| =7.5_p1-r6 \|\| =7.5_p1-r7 \|\| =7.5_p1-r8 \|\| =7.6_p1-r0 \|\| =7.6_p1-r1 \|\| =7.7_p1-r0 \|\| =7.7_p1-r1 \|\| =7.7_p1-r2 \|\| =7.7_p1-r3 \|\| =7.7_p1-r4 \|\| =7.8_p1-r0 \|\| =7.9_p1-r0 \|\| =7.9_p1-r1 \|\| =7.9_p1-r2 \|\| =7.9_p1-r3 \|\| =7.9_p1-r4 \|\| =7.9_p1-r5 \|\| =8.0_p1-r0 \|\| =8.0_p1-r1 \|\| =8.0_p1-r2 \|\| =8.1_p1-r0 \|\| =8.2_p1-r0 \|\| =8.3_p1-r0 \|\| =8.4_p1-r0 \|\| =8.4_p1-r1 \|\| =8.4_p1-r2 \|\| =8.4_p1-r3 \|\| =8.5_p1-r0 \|\| =8.5_p1-r1 \|\| =8.5_p1-r2 \|\| =8.6_p1-r0 \|\| =8.6_p1-r1 \|\| =8.6_p1-r2 \|\| =8.6_p1-r3 \|\| =8.6_p1-r4 \|\| =8.8_p1-r0 \|\| =8.8_p1-r1 \|\| =8.8_p1-r2 \|\| =8.8_p1-r3 \|\| =8.8_p1-r4 \|\| =8.9_p1-r0 \|\| =9.0_p1-r0 \|\| =9.0_p1-r1 \|\| =9.0_p1-r2 \|\| =9.0_p1-r3 \|\| =9.0_p1-r4 \|\| =9.1_p1-r0 \|\| =9.1_p1-r1 \|\| =9.2_p1-r0 \|\| =9.2_p1-r1 \|\| =9.2_p1-r2 \|\| =9.2_p1-r3 \|\| =9.2_p1-r4 \|\| =9.3_p1-r0 \|\| =9.3_p1-r1 \|\| =9.3_p1-r2 \|\| =9.3_p1-r3 \|\| =9.3_p1-r4 \|\| =9.3_p1-r5 \|\| =9.3_p1-r6 \|\| =9.3_p1-r7 \|\| =9.3_p2-r0 \|\| =9.3_p2-r1 \|\| =9.3_p2-r2 \|\| =9.4_p1-r0 \|\| =9.5_p1-r0 \|\| =9.6_p1-r0 \|\| =9.7_p1-r0 \|\| =9.7_p1-r1 \|\| =9.7_p1-r2 \|\| =9.7_p1-r3 \|\| =9.8_p1-r0 \|\| =9.8_p1-r1 \|\| =9.9_p1-r0 \|\| =9.9_p1-r1 \|\| =9.9_p1-r2 \|\| =9.9_p2-r0 \|\| >=0 <10.0_p1-r0	10.0_p1-r0
rpm rhel7	openssh	-	-
rpm rhel8	openssh	-	-
rpm rhel6	openssh	-	-
rpm rhel9	openssh	-	-

1-10 of 11

Aliases

1. CVE-2025-327282. NVD-2025-327283. OSV-DEBIAN-2025-327284. OSV-2025-327285. OSV-ALPINE-2025-327286. SECURITY-TRACKER-CVE-2025-327287. SECURITY-CVE-2025-32728