What is GHSA-j839-ff8c-f62x?

GHSA-j839-ff8c-f62x is a security advisory published by GitHub Security Advisories with Critical severity. ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop...

Which CVE IDs does GHSA-j839-ff8c-f62x cover?

GHSA-j839-ff8c-f62x covers the following CVE IDs: CVE-2023-28531. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-j839-ff8c-f62x?

GHSA-j839-ff8c-f62x has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-j839-ff8c-f62xCriticalCVSS 9.8

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop...

Vendor

GitHub Security Advisories

Published

March 17, 2023

Last Modified

May 28, 2026

🔗 CVE IDs covered (1)

CVE-2023-28531 →

📋 Description

ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints.

🔗 References (9)

https://nvd.nist.gov/vuln/detail/CVE-2023-28531
https://www.openwall.com/lists/oss-security/2023/03/15/8
https://security.gentoo.org/glsa/202307-01
https://www.debian.org/security/2023/dsa-5586
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AN2UDTXEUSKFIOIYMV6JNI5VSBMYZOFT
https://security.netapp.com/advisory/ntap-20230413-0008
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://github.com/advisories/GHSA-j839-ff8c-f62x