Previously, CVE-2024-45337 fixed an authorization bypass for misused ssh server configurations; if any other type of callback is passed other than public key, then the source-address validation would be skipped.
2.53+21.10ubuntu12.54.2+22.04ubuntu12.54.2+22.04ubuntu22.54.2+22.04ubuntu32.54.3+git19.g868fc21+22.042.54.3+git26.g360067e+22.042.55.2+22.042.55.2+22.04.12.55.3+22.042.55.3+22.04ubuntu1+21 more20250116.00-0ubuntu1~24.04.42.60.4+23.102.61.3+24.042.62+24.04build12.63+24.042.63+24.04ubuntu0.12.63.1+24.042.65.3+24.042.66.1+24.042.67.1+24.042.68.5+ubuntu24.04.1+7 more1:0.25.0-120250506.01-0ubuntu1.22.67.1+25.042.68.5+ubuntu25.10.22.71+ubuntu25.102.71.1+ubuntu25.10.12.72+ubuntu25.10.22.73+ubuntu25.102.73+ubuntu25.10.12.74.1+ubuntu25.10.42.75.2+ubuntu25.1020250506.01-0ubuntu2.12.71.1+ubuntu25.10.12.72+ubuntu26.04.12.73+ubuntu26.04.12.74+ubuntu26.042.74.1+ubuntu26.042.74.1+ubuntu26.04.32.74.1+ubuntu26.04.42.75.2+ubuntu26.04.21.91.9.1.11.9.22.02.0.12.0.102.0.22.0.32.0.52.0.8+45 more2.28.5+17.102.29.4.1+18.042.29.4.2+18.042.31.1+18.042.32+18.042.32+18.04~pre52.32+18.04~pre62.32.3.2+18.042.32.5+18.042.32.8+18.04+31 moreExploitability
AV:NAC:LPR:NUI:NScope
S:CImpact
C:HI:HA:LCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L