[PR #348] [MERGED] fix: basic mitigation for scp's CVE-2020-15778 #419

New issue

Closed

opened 2026-05-07 00:20:49 +02:00 by BreizhHardware · 0 comments

BreizhHardware commented

2026-05-07 00:20:49 +02:00

Owner

📋 Pull Request Information

Original PR: https://github.com/ovh/the-bastion/pull/348
Author: @speed47
Created: 10/27/2022
Status: ✅ Merged
Merged: 11/15/2022
Merged by: @speed47

Base: master ← Head: scpcve

📝 Commits (1)

2ec6568 fix: basic mitigation for scp's CVE-2020-15778

📊 Changes

1 file changed (+17 additions, -18 deletions)

View changed files

📝 bin/plugin/open/scp (+17 -18)

📄 Description

This CVE will not be fixed by scp authors, and as far as The Bastion is concerned, this can't be achieved by anybody that doesn't already have shell access to the remote server in addition to the scp rights, but let's still block it for good measure.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/ovh/the-bastion/pull/348 **Author:** [@speed47](https://github.com/speed47) **Created:** 10/27/2022 **Status:** ✅ Merged **Merged:** 11/15/2022 **Merged by:** [@speed47](https://github.com/speed47) **Base:** `master` ← **Head:** `scpcve` --- ### 📝 Commits (1) - [`2ec6568`](https://github.com/ovh/the-bastion/commit/2ec6568df1e7620af027d7293495a8b2882365c7) fix: basic mitigation for scp's CVE-2020-15778 ### 📊 Changes **1 file changed** (+17 additions, -18 deletions) <details> <summary>View changed files</summary> 📝 `bin/plugin/open/scp` (+17 -18) </details> ### 📄 Description This CVE will not be fixed by scp authors, and as far as The Bastion is concerned, this can't be achieved by anybody that doesn't already have shell access to the remote server in addition to the scp rights, but let's still block it for good measure. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>