In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.
1:7.5p1-101:7.5p1-81:7.5p1-91:7.5p1-9build11:7.5p1-11build11:8.9p1-3ubuntu0.61:7.5p1-121:7.5p1-12build11:7.5p1-131:9.6p1-3ubuntu11:7.5p1-141:7.5p1-151:7.5p1-15build11:7.5p1-16Exploitability
AV:LAC:LPR:LUI:NScope
S:UImpact
C:HI:NA:NCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N