PT-2025-40940 · OpenBSD +10 · OpenSSH +10

David Leadbeater · Published 2025-10-06 · Updated 2026-04-06 · CVE-2025-61985

CVSS v3.1: 3.6 (Low)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

OpenSSH versions prior to 10.1

Description

OpenSSH contains a flaw where the '\0' (null) character within an ssh:// URI is accepted and processed, potentially leading to code execution when a ProxyCommand is used. This occurs because the presence of a null byte allows manipulation of the command execution process.

Recommendations

Update to OpenSSH version 10.1 or later.

Related Identifiers

ALSA-2025:23479
ALSA-2025:23480
ALSA-2025:23481
AZL-68228
AZL-68292
BDU:2025-12566
CVE-2025-61985
ECHO-C49B-D8DD-91E2
JLSEC-2025-8
MGASA-2026-0059
OESA-2025-2582
OESA-2025-2583
OESA-2025-2584
OESA-2025-2585
OESA-2025-2586
OESA-2025-2646
OPENSUSE-SU-2025:20122-1
RHSA-2026:0693
RHSA-2026:0976
RHSA-2026:1678
RHSA-2026:1790
RHSA-2026:1815
RHSA-2026:5475
SUSE-SU-2025:21044-1
SUSE-SU-2025:21128-1
SUSE-SU-2025:21161-1
SUSE-SU-2025:4067-1
SUSE-SU-2025:4098-1
SUSE-SU-2025:4112-1
SUSE-SU-2026:20662-1
USN-8090-1
USN-8090-2

Affected Products

AlmaLinux
CentOS
Debian
IBM AIX
Linux Mint
OpenSSH
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu