28 matches found
CURL-CVE-2026-9547 SSH improper host validation
When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPT_SSH_KEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...
CVE-2026-44467
The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. From 1.2581.0 to before 1.4304.0, Claude Desktop's SSH remote development feature verified only whether a hostname existed in /.ssh/known_hosts without comparing the server's...
CLSA-2026-1771501913 curl: Fix of CVE-2025-15079
CVE-2025-15079: fix accepting hosts not present in the specified known_hosts during SSH-based SCP/SFTP transfers when global known_hosts contained them; restrict host verification to the specified known_hosts file...
CVE-2025-15079
When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global known_hosts file...
curl security vulnerability
curl is an open source tool from cURL for transferring data from or to a server. A security vulnerability exists in curl that stems from libcurl incorrectly accepting connections to SSH hosts that are not listed in the specified known_hosts file...
EUVD-2005-2667
Malware in sbrugna...
Fleet doesn’t validate a server’s certificate when connecting through SSH
Impact: A vulnerability has been identified within Fleet where, by default, Fleet will automatically trust a remote server’s certificate when connecting through SSH if the certificate isn’t set in the known_hosts file. This could allow the execution of a man-in-the-middle (MitM) attack against Fleet...
GHSA-XGPC-Q899-67P8 Fleet doesn’t validate a server’s certificate when connecting through SSH
Impact: A vulnerability has been identified within Fleet where, by default, Fleet will automatically trust a remote server’s certificate when connecting through SSH if the certificate isn’t set in the known_hosts file. This could allow the execution of a man-in-the-middle (MitM) attack against Fleet...
libssh security update
0.9.6-14 - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol (BPP) - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...
OpenBSD OpenSSH < 9.2 Unspecified Vulnerability
OpenBSD OpenSSH is prone to an unspecified vulnerability...
SUSE: Security Advisory (SUSE-SU-2019:14031-1)
The remote host is missing an update for the...
SUSE SLES11 Security Update : libssh2_org (SUSE-SU-2019:14031-1)
This update for libssh2_org fixes the following issues : Incorrect upstream fix for CVE-2019-3859 broke public key authentication bsc1133528, bsc1130103 Store but don't use keys of unsupported types in the known_hosts file bsc1091236 Note that Tenable Network Security has extracted the preceding...
SUSE-SU-2019:14031-1 Security update for libssh2_org
This update for libssh2_org fixes the following issues: - Incorrect upstream fix for CVE-2019-3859 broke public key authentication bsc1133528, bsc1130103 - Store but don't use keys of unsupported types in the known_hosts file bsc1091236...
openSUSE Security Update : libssh2_org (openSUSE-2019-1075)
This update for libssh2_org fixes the following issues : Security issues fixed: - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets bsc1128490. - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet bsc1128492. -...
Improper Certificate Validation in chloride
Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts file is not updated by chloride...
CVE-2018-6517
Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts file is not updated by chloride...
SUSE SLED12 / SLES12 Security Update : libssh2_org (SUSE-SU-2019:0655-1)
This update for libssh2_org fixes the following issues : Security issues fixed : CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets bsc1128490. CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet bsc1128492...
SUSE SLED12 Security Update : openssh (SUSE-SU-2017:0607-2)
This update for openssh fixes the following issues : - CVE-2016-8858: prevent resource depletion during key exchange bsc1005480 - CVE-2016-10009: limit directories for loading PKCS11 modules to avoid privilege escalation bsc1016366 - CVE-2016-10011: Prevent possible leaks of host private keys to...