CVE-2025-32728

Medium CVSS: 4.3

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

Vendor

Openbsd

Product

Openssh

CWE

CWE-440

Yayın Tarihi

2025-04-10 02:15:30

Güncelleme

2025-05-22 16:51:54

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-440 Openssh MEDIUM Openbsd 2025

Referanslar

https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367 https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html https://www.openssh.com/txt/release-10.0 https://www.openssh.com/txt/release-7.4 https://lists.debian.org/debian-lts-announce/2025/05/msg00008.html https://security.netapp.com/advisory/ntap-20250425-0002/

Benzer Kayıtlar

Medium

CVE-2026-35414

OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list i…

High

CVE-2025-30334

In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could result in kernel crash…

Medium

CVE-2025-26466

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a m…

Medium

CVE-2025-26465

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be…