CLSA-2026-1777585781

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1777585781
Upstream
Published
2026-04-30T21:49:47Z
Modified
2026-05-27T11:18:28.056191934Z
Summary
openssh: Fix of CVE-2026-35386
Details
  • CVE-2026-35386: fix client-side command execution via control characters in usernames by adding iscntrl rejection to valid_ruser
References

Affected packages

TuxCare:OracleLinux:7
openssh

Package

Name
openssh
Purl
pkg:rpm/tuxcare/openssh?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
openssh-askpass

Package

Name
openssh-askpass
Purl
pkg:rpm/tuxcare/openssh-askpass?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
openssh-cavs

Package

Name
openssh-cavs
Purl
pkg:rpm/tuxcare/openssh-cavs?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
openssh-clients

Package

Name
openssh-clients
Purl
pkg:rpm/tuxcare/openssh-clients?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
openssh-keycat

Package

Name
openssh-keycat
Purl
pkg:rpm/tuxcare/openssh-keycat?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
openssh-ldap

Package

Name
openssh-ldap
Purl
pkg:rpm/tuxcare/openssh-ldap?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
openssh-server

Package

Name
openssh-server
Purl
pkg:rpm/tuxcare/openssh-server?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
openssh-server-sysvinit

Package

Name
openssh-server-sysvinit
Purl
pkg:rpm/tuxcare/openssh-server-sysvinit?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.4p1-23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"
pam_ssh_agent_auth

Package

Name
pam_ssh_agent_auth
Purl
pkg:rpm/tuxcare/pam_ssh_agent_auth?distro=oraclelinux-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.10.3-2.23.0.3.el7_9.tuxcare.els5

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux7els/CLSA-2026-1777585781.json"