A vulnerability has been found in libssh up to 0.9.7/0.10.5 and classified as critical. This vulnerability affects unknown code of the component ProxyCommand/ProxyJump. The manipulation of the argument hostname leads to code injection.
This vulnerability was named CVE-2023-6004. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.