Ubuntu: Security Advisory (USN-7977-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7977-1 git-lfs vulnerabilities

Ryota K discovered that Git LFS may leak login credentials in certain instances due to failing to check for URL-encoded characters. An attacker could possibly use this issue to learn sensitive information. CVE-2024-53263 It was discovered that Git LFS could have its git lfs checkout and git lfs...

USN-7977-1: Git LFS vulnerabilities

Ryota K discovered that Git LFS may leak login credentials in certain instances due to failing to check for URL-encoded characters. An attacker could possibly use this issue to learn sensitive information. CVE-2024-53263 It was discovered that Git LFS could have its git lfs checkout and git lfs...

MiracleLinux 9 : git-lfs-3.4.1-4.el9_5 (AXSA:2025-9577:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9577:01 advisory. git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 Tenable has extracted the preceding description block directly from...

MiracleLinux 8 : git-lfs-3.4.1-4.el8_10 (AXSA:2025-9621:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9621:02 advisory. git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 Tenable has extracted the preceding description block directly from...

CLSA-2025-1762867600 git-lfs: Fix of CVE-2024-53263

CVE-2024-53263: fix issue where Git LFS could expose user credentials via URL- encoded control characters in host's URL...

Linux Distros Unpatched Vulnerability : CVE-2024-53263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the...

TencentOS Server 3: git-lfs (TSSA-2025:0109)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0109 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Fedora: Security Advisory (FEDORA-2025-1de066b8af)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Alibaba Cloud Linux 3 : 0019: git-lfs (ALINUX3-SA-2025:0019)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0019 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-53263: Git LFS is a Git extension for...

openSUSE Security Advisory (openSUSE-SU-2025:0153-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : git-lfs (openSUSE-SU-2025:0153-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2025:0153-1 advisory. Update to 3.6.1: boo1235876: This release introduces a security fix for all platforms, which has been assigned CVE-2024-53263. When requesting credential...

OPENSUSE-SU-2025:0153-1 Security update for git-lfs

This update for git-lfs fixes the following issues: Update to 3.6.1: boo1235876: This release introduces a security fix for all platforms, which has been assigned CVE-2024-53263. When requesting credentials from Git for a remote host, prior versions of Git LFS passed portions of the host's URL to...

Security update for git-lfs (moderate)

openSUSE Security Update: Security update for git-lfs Announcement ID: openSUSE-SU-2025:0153-1 Rating: moderate References: 1235876 Cross-References: CVE-2024-53263 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description: This update f...

Amazon Linux 2023 : git-lfs (ALAS2023-2025-851)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-851 advisory. Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential1 command without checking...

Important: git-lfs

Issue Overview: Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential1 command without checking for embedded line-ending control characters, and then sends any credentials it...

Important: git-lfs

Issue Overview: Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the git-credential1 command without checking for embedded line-ending control characters, and then sends any credentials it...

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...

RLSA-2025:0845 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS permits exfiltration of credentials via crafted HTTP URLs CVE-2024-53263 For mo...

Photon OS 4.0: Git PHSA-2025-4.0-0745

An update of the git package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0745. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid21521...