Security Advisory

CVE-2023-51385

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-18 00:00:00

Last updated 2026-05-12 11:21:37

Assigner mitre

State PUBLISHED

Description

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.

← Browse all CVEs View on cve.org ↗