| |
Vulnerability CVE-2023-51385
Published: 2023-12-18
| Description: |
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. |
References: |
https://www.openssh.com/txt/release-9.6
https://www.openwall.com/lists/oss-security/2023/12/18/2
|
|
|
Copyright 2026, cxsecurity.com
|
|
|
