VDB
JLSEC-2025-7
JLSEC-2025-7
PUBLISHED
CVSS 3.5999999046325684 LOW
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain...
Risk Scores
CVSS v3.1
3.5999999046325684
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | OpenSSH_jll | 0, 0 |
Timeline
- Oct 9, 2025 CVE Published
- Apr 9, 2026 CVE Updated
References
- https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2 url
- https://www.openssh.com/releasenotes.html#10.1p1 url
- https://www.openwall.com/lists/oss-security/2025/10/06/1 url
- http://www.openwall.com/lists/oss-security/2025/10/07/1 url
- http://www.openwall.com/lists/oss-security/2025/10/12/1 url
- https://www.vicarius.io/vsociety/posts/cve-2025-61984-detection-script-remote-code-execution-vulnerability-affecting-openssh url
- https://www.vicarius.io/vsociety/posts/cve-2025-61984-mitigation-script-remote-code-execution-vulnerability-affecting-openssh url
- https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-61984 url
- https://github.com/advisories/GHSA-hh67-847q-q3h9 url