JLSEC-2026-430
- Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2026/JLSEC-2026-430.md
- Import Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-430.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/JLSEC-2026-430
- Upstream
- Published
- 2026-05-04T13:12:06.605Z
- Modified
- 2026-05-04T13:32:21.151387698Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file,...
- Details
-
When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file.
- Database specific
{ "sources": [ { "published": "2026-01-08T10:15:47.100Z", "imported": "2026-05-02T08:39:50.111Z", "database_specific": { "status": "Analyzed" }, "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15079", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-15079", "modified": "2026-01-20T14:50:24.330Z", "id": "CVE-2025-15079" }, { "published": "2026-01-08T12:30:29Z", "imported": "2026-05-02T08:42:48.591Z", "html_url": "https://github.com/advisories/GHSA-7q9p-cx8r-rh2q", "url": "https://api.github.com/advisories/GHSA-7q9p-cx8r-rh2q", "modified": "2026-01-08T15:32:30Z", "id": "GHSA-7q9p-cx8r-rh2q" }, { "published": "2026-01-08T10:08:13Z", "imported": "2026-05-02T08:41:12.294Z", "html_url": "https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-1575", "url": "https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-1575", "modified": "2026-01-08T14:46:47Z", "id": "EUVD-2026-1575" } ], "license": "CC-BY-4.0" }- References
Affected packages
Julia / CURL_jll
Package
- Name
- CURL_jll
- Purl
- pkg:julia/CURL_jll?uuid=b21e61f3-bafc-59ac-ab14-4c5c62d6588d