OESA-2026-2670 gvfs security update

Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...

OESA-2026-2570 gvfs security update

Gvfs is a userspace virtual filesystem implementation for GIO a library available in GLib. It comes with a set of backends, including trash support, SFTP, SMB, HTTP, DAV, and many others. Gvfs also contains modules for GIO that implement volume monitors and persistent metadata storage. Security...

Debian dla-4513 : gvfs - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4513 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4513-1 [email protected]...

SUSE-SU-2026:0960-1 Security update for gvfs

This update for gvfs fixes the following issues: - CVE-2026-28295: information disclosure when processing untrusted PASV responses from FTP servers bsc1258953. - CVE-2026-28296: arbitrary FTP command injection due to unsanitized CRLF sequences in user supplied file paths bsc1258954...

SUSE: Security Advisory (SUSE-SU-2026:0916-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2026-28296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containi...

Slackware: Security Advisory (SSA:2026-059-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

gvfs-1.58.2-1.1 on GA media (moderate)

gvfs-1.58.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10275-1 Rating: moderate Cross-References: CVE-2026-28295 CVE-2026-28296 CVSS scores: CVE-2026-28295 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N CVE-2026-28295 SUSE : 5.3...

CVE-2026-28296

A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed CRLF sequences. These unsanitized sequences allow the attacker to terminate intended FTP commands and...