GHSA-5gff-h54g-38r2

Опубликовано: 07 нояб. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms.

This prevents curl from detecting MITM attackers and more.

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms.

This prevents curl from detecting MITM attackers and more.

Ссылки

EPSS

Процентиль: 3%

0.0002

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-10966

Связанные уязвимости

CVE-2025-10966

CVSS3: 4.3

ubuntu

13 дней назад

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.

CVE-2025-10966

CVSS3: 4.3

nvd

13 дней назад

CVE-2025-10966

msrc

12 дней назад

missing SFTP host verification with wolfSSH

CVE-2025-10966

CVSS3: 4.3

debian

13 дней назад

curl's code for managing SSH connections when SFTP was done using the ...

EPSS

Процентиль: 3%

0.0002

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2025-10966