CVE-2025-15079

CVE-2025-15079

When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.

CVE-2025-15079

When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.

CVE-2025-15079

When doing SSH-based transfers using either SCP or SFTP, and setting t ...

GHSA-7q9p-cx8r-rh2q

When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.

BDU:2026-03453

Уязвимость библиотеки libcurl программного средства для взаимодействия с серверами cURL, позволяющая нарушителю оказать воздействие на конфиденциальность защищаемой информации