2 matches found
libcurl 7.69.0 < 8.21.0 SSH Improper Host Validation
The version of libcurl installed on the remote host is 7.69.0 prior to 8.21.0. It is, therefore, affected by an improper host validation vulnerability: - When a libcurl-based application performs transfers via SCP or SFTP and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an...
CVE-2007-4909
Interpretation conflict in WinSCP before 4.0.4 allows remote attackers to perform arbitrary file transfers with a remote server via file-transfer commands in the final portion of a 1 scp, and possibly a 2 sftp or 3 ftp, URL, as demonstrated by a URL specifying login to the remote server with a...