3 matches found
EulerOS 2.0 SP10 : curl (EulerOS-SA-2026-1305)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an IMAP,...
Security update 5.1.1.1 for Multi-Linux Manager Client Tools
This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439...
curl: curl allows SSH connection even if host is not in known_hosts
Summary: Curl does not fail if the SSH host identity cannot be verified due to the host not being included in the .ssh/knownhosts file. This makes using curl to login into an previously unknown ssh host system vulnerable to meddler in the middle attacks. When using key based authentication it wil...