Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceSUSE-SU-2025:21128-1

SUSE-SU-2025:21128-1

UNKNOWN

Security update for openssh

Published Nov 28, 2025

Modified 1 months ago

Fix available

Details

This update for openssh fixes the following issues:

CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198).
CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199).

Affected Packages

openssh

SUSE Linux Micro 6.2

Fixed in:

10.0p2-160000.3.1

openssh-clients

SUSE Linux Micro 6.2

Fixed in:

10.0p2-160000.3.1

openssh-common

SUSE Linux Micro 6.2

Fixed in:

10.0p2-160000.3.1

openssh-server

SUSE Linux Micro 6.2

Fixed in:

10.0p2-160000.3.1

openssh-server-config-rootlogin

SUSE Linux Micro 6.2

Fixed in:

10.0p2-160000.3.1

References

REPORThttps://bugzilla.suse.com/1251198 REPORThttps://bugzilla.suse.com/1251199 WEBhttps://www.suse.com/security/cve/CVE-2025-61984 WEBhttps://www.suse.com/security/cve/CVE-2025-61985 ADVISORYhttps://www.suse.com/support/update/announcement/2025/suse-su-202521128-1/

Upstream

CVE-2025-61984 CVE-2025-61985

Related

CVE-2025-61984 CVE-2025-61985

Ecosystems

SUSE Linux Micro 6.2

Timeline

PublishedNov 28, 2025

ModifiedNov 28, 2025

SUSE-SU-2025:21128-1 | Mondoo Vulnerability Intelligence