Launchpad.net

CVE 2016-7407

The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file.

See the CVE page on Mitre.org for more details.