View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-3115 severity moderate: SUSE including 42 source package names (openssh, openssh-5.1p1-41.74.1, …), 148 product×package rows across 50 product lines (SUSE CaaS Platform 4.5, SUSE Enterprise Storage 7, … (50 product lines)): Fixed 90, Known Not Affected 58.
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.