77 matches found
EUVD-2016-1290
Malware in sbrugna...
EUVD-2016-1291
Malware in sbrugna...
EUVD-2023-0050
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-36811
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgback...
OPENSUSE-SU-2024:10659-1 borgbackup-1.1.17-1.2 on GA media
These are all security issues fixed in the borgbackup-1.1.17-1.2 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13316-1 borgbackup-1.2.6-1.1 on GA media
These are all security issues fixed in the borgbackup-1.2.6-1.1 package on the GA media of openSUSE Tumbleweed...
Fedora 39 : borgbackup (2023-467632ecbe)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-467632ecbe advisory. fix for CVE-2023-36811: spoofed archive leads to data loss Please note that starting with borgbackup 1.2.5 all borg repos must use TAM authentication:...
Fedora: Security Advisory (FEDORA-2023-467632ecbe)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for borgbackup (FEDORA-2023-34411d8f77)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for borgbackup (FEDORA-2023-555f9fac30)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: borgbackup-1.2.6-1.fc39
BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...
[SECURITY] Fedora 38 Update: borgbackup-1.2.6-1.fc38
BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...
[SECURITY] Fedora 37 Update: borgbackup-1.2.6-1.fc37
BorgBackup short: Borg is a deduplicating backup program. Optionally, it supports compression and authenticated encryption...
Fedora 38 : borgbackup (2023-555f9fac30)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-555f9fac30 advisory. fix for CVE-2023-36811: spoofed archive leads to data loss Please note that starting with borgbackup 1.2.5 all borg repos must use TAM authentication:...
Fedora 37 : borgbackup (2023-34411d8f77)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-34411d8f77 advisory. fix for CVE-2023-36811: spoofed archive leads to data loss Please note that starting with borgbackup 1.2.5 all borg repos must use TAM authentication:...
Archive Spoofing
BorgBackup is vulnerable to Archive Spoofing. The vulnerability is due a flaw in the cryptographic authentication scheme, which could potentially allow an attacker to create fake archives and indirectly cause data loss in the backup repository...
SUSE CVE-2023-36811
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...
borgapi (>=0.1.3.dev1 <=0.6.1), borgini (=1.0.0) +2 more potentially affected by CVE-2023-36811 via borgbackup (>=1.1.13 <=1.2.4)
borgbackup PYPI version =1.1.13, =0.1.3.dev1, =0.12.0, =4.9.0, =4.10.1 Source cves: CVE-2023-36811 Source advisory: OSV:GHSA-8FJR-HGHR-4M99...
GHSA-8FJR-HGHR-4M99 Archive spoofing vulnerability in borgbackup
Impact A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to 1. insert files with no additional headers into backups 2. gain write acce...
DEBIAN-CVE-2023-36811
borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...