Early Access — Mondoo Vulnerability Intelligence is currently in preview.
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
1:8.4p1-6ubuntu21:8.7p1-21:8.7p1-2build11:8.7p1-41:8.8p1-11:8.9p1-31:8.9p1-3ubuntu0.11:8.9p1-3ubuntu0.31:8.9p1-3ubuntu0.41:8.9p1-3ubuntu0.51:8.9p1-3ubuntu0.61:7.9p1-10~ubuntu18.04.fips.0.11:7.9p1-10~ubuntu18.04.fips.0.21:7.9p1-10~ubuntu18.04.fips.0.31:7.9p1-10~ubuntu18.04.fips.0.41:7.9p1-10~ubuntu18.04.fips.0.51:7.9p1-10~ubuntu18.04.fips.0.61:7.9p1-10~ubuntu18.04.fips.0.71:7.9p1-10~ubuntu18.04.fips.0.81:7.2p2-4ubuntu2.fips.2.10.11:7.2p2-4ubuntu2.fips.2.10.21:7.2p2-4ubuntu2.fips.2.10.31:7.2p2-4ubuntu2.fips.2.10.41:7.2p2-4ubuntu2.fips.2.10.51:7.2p2-4ubuntu2.fips.2.2.31:7.2p2-4ubuntu2.fips.2.4.11:7.2p2-4ubuntu2.fips.2.4.21:7.2p2-4ubuntu2.fips.2.8.11:7.2p2-4ubuntu2.fips.2.10.61:7.2p2-4ubuntu2.fips.2.10.11:7.2p2-4ubuntu2.fips.2.21:7.2p2-4ubuntu2.fips.2.2.11:7.5p1-101:7.6p1-41:7.6p1-4ubuntu0.11:7.6p1-4ubuntu0.21:7.6p1-4ubuntu0.31:7.6p1-4ubuntu0.51:7.6p1-4ubuntu0.61:7.6p1-4ubuntu0.71:7.6p1-4ubuntu0.7+esm11:7.6p1-4ubuntu0.7+esm21:7.6p1-4ubuntu0.7+esm31:8.2p1-4ubuntu0.fips.0.2.11:7.9p1-10~ubuntu18.04.fips.0.11:7.9p1-10~ubuntu18.04.fips.0.21:7.9p1-10~ubuntu18.04.fips.0.31:7.9p1-10~ubuntu18.04.fips.0.41:7.9p1-10~ubuntu18.04.fips.0.51:7.9p1-10~ubuntu18.04.fips.0.61:7.9p1-10~ubuntu18.04.fips.0.71:7.9p1-10~ubuntu18.04.fips.0.81:7.9p1-10~ubuntu18.04.fips.0.91:7.9p1-10~ubuntu18.04.fips.0.11:7.9p1-10~ubuntu18.04.fips.0.21:8.0p1-6build11:8.1p1-11:8.1p1-51:8.2p1-41:8.2p1-4ubuntu0.11:8.2p1-4ubuntu0.101:8.2p1-4ubuntu0.21:8.2p1-4ubuntu0.31:8.2p1-4ubuntu0.41:8.2p1-4ubuntu0.5+3 more1:8.2p1-4ubuntu0.111:8.2p1-4ubuntu0.fips.0.101:8.2p1-4ubuntu0.fips.0.2.11:8.2p1-4ubuntu0.fips.0.4.01:8.2p1-4ubuntu0.fips.0.5.01:8.2p1-4ubuntu0.fips.0.71:8.2p1-4ubuntu0.fips.0.81:8.2p1-4ubuntu0.fips.0.91:8.2p1-4ubuntu0.fips.0.101:8.2p1-4ubuntu0.fips.0.2.11:8.2p1-4ubuntu0.fips.0.4.01:8.2p1-4ubuntu0.fips.0.5.01:8.2p1-4ubuntu0.fips.0.71:8.2p1-4ubuntu0.fips.0.81:8.2p1-4ubuntu0.fips.0.91:8.2p1-4ubuntu0.fips.0.111:8.2p1-4ubuntu0.fips.0.2.11:6.9p1-21:6.9p1-31:7.1p1-11:7.1p1-31:7.1p1-41:7.1p1-61:7.1p2-11:7.1p2-21:7.2p1-11:7.2p2-1+17 more1:7.2p2-4ubuntu2.10+esm61:6.2p2-61:6.2p2-6ubuntu11:6.4p1-11:6.4p1-21:6.5p1-11:6.5p1-21:6.5p1-31:6.5p1-41:6.5p1-61:6.6p1-1+15 more1:6.2p2-61:6.2p2-6ubuntu11:6.4p1-11:6.4p1-21:6.5p1-11:6.5p1-21:6.5p1-31:6.5p1-41:6.5p1-61:6.6p1-1+15 more1:9.3p1-1ubuntu31:9.4p1-1ubuntu11:9.6p1-3ubuntu11:7.9p1-10~ubuntu18.04.fips.0.11:7.9p1-10~ubuntu18.04.fips.0.21:7.5p1-101:7.6p1-41:7.6p1-4ubuntu0.11:7.6p1-4ubuntu0.21:7.6p1-4ubuntu0.31:7.6p1-4ubuntu0.51:7.6p1-4ubuntu0.61:7.6p1-4ubuntu0.71:7.6p1-4ubuntu0.7+esm11:7.6p1-4ubuntu0.7+esm21:7.2p2-4ubuntu2.fips.2.10.11:7.2p2-4ubuntu2.fips.2.10.21:7.2p2-4ubuntu2.fips.2.10.31:7.2p2-4ubuntu2.fips.2.10.41:7.2p2-4ubuntu2.fips.2.10.51:7.2p2-4ubuntu2.fips.2.2.31:7.2p2-4ubuntu2.fips.2.4.11:7.2p2-4ubuntu2.fips.2.4.21:7.2p2-4ubuntu2.fips.2.8.11:6.9p1-21:6.9p1-31:7.1p1-11:7.1p1-31:7.1p1-41:7.1p1-61:7.1p2-11:7.1p2-21:7.2p1-11:7.2p2-1+17 more1:7.5p1-161:7.5p1-171:7.5p1-171:7.5p1-121:7.5p1-12build11:7.5p1-131:7.5p1-141:7.5p1-151:7.5p1-15build11:7.5p1-161:7.5p1-11build11:7.5p1-101:7.5p1-81:7.5p1-91:7.5p1-9build1Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:LI:LA:NCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N