Fdiakh

**Name of the Vulnerable Software and Affected Versions** bubblewrap versions 0.11.0 through 0.11.1 **Description** Privilege escalation is possible if the software is installed as setuid root, occurring via ptrace (a system call used for process tracing and debugging). **Recommendations** Update to version 0.11.2 or later.

**Name of the Vulnerable Software and Affected Versions** sshproxy versions prior to 1.6.3 **Description** The issue allows any user authorized to connect to an SSH server using `sshproxy` to inject options to the `ssh` command executed by `sshproxy`. This affects all versions of `sshproxy` prior to 1.6.3. **Recommendations** For versions prior to 1.6.3, update to version 1.6.3 or later to resolve the issue. As a temporary workaround, consider using the `force command` option in `sshproxy.yaml`, but note that this is rarely relevant.