VYPR

rpm package

suse/gvfs&distro=SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

pkg:rpm/suse/gvfs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS

Vulnerabilities (2)

  • CVE-2026-28296MedFeb 26, 2026
    affected < 1.48.2-150400.4.9.1fixed 1.48.2-150400.4.9.1

    A flaw was found in the FTP GVfs backend. A remote attacker could exploit this input validation vulnerability by supplying specially crafted file paths containing carriage return and line feed (CRLF) sequences. These unsanitized sequences allow the attacker to terminate intended

  • CVE-2026-28295MedFeb 26, 2026
    affected < 1.48.2-150400.4.9.1fixed 1.48.2-150400.4.9.1

    A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode (PASV) response. The client unconditionally trusts this information and attempts to connect to the specified endpoint,