Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/23 12:0 a.m.6 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: curl (UTSA-2026-004931)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004931 advisory. When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in th...

5.3CVSS5.6AI score0.00457EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/08 10:8 a.m.6 views

CVE-2025-15079 libssh global known_hosts override

When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...

6.5AI score0.00457EPSS
Exploits1References3
CVE
CVE
added 2026/01/08 10:8 a.m.41 views

CVE-2025-15079

CVE-2025-15079 affects curl/libcurl when using SSH-based transfers (SCP/SFTP) with a libssh backend. The vulnerability arises in known_hosts handling: even if a per-file known_hosts is used, connections could be accepted for hosts not present in that file if they are recognized in the libssh glob...

5.3CVSS6.2AI score0.00457EPSS
Exploits1References4Affected Software1
curl security advisories
curl security advisories
added 2026/01/07 8:0 a.m.8 views

libssh global known_hosts override

When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...

5.3CVSS5.8AI score0.00457EPSS
Exploits1References1Affected Software2
OSV
OSV
added 2026/01/06 7:0 a.m.6 views

UBUNTU-CVE-2025-15079

When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...

5.3CVSS6AI score0.00457EPSS
Exploits1References5
Hacker One
Hacker One
added 2025/12/24 4:45 a.m.13 views

curl: CVE-2025-15079: libssh global knownhost override

A vulnerability was discovered in libssh where the SSHOPTIONSGLOBALKNOWNHOSTS option was used to specify a global knownhosts file. If the host was not found in the file specified by SSHOPTIONSKNOWNHOSTS, the global file was checked, potentially allowing any host identities specified in the defaul...

5.3CVSS6.7AI score0.00457EPSS
Exploits1
Rows per page
Query Builder