go-git 路径遍历漏洞

go-git is an open-source, highly scalable Git implementation written entirely in Go. Versions of go-git prior to 5.19.1 and 6.0.0-alpha.4 contained a path traversal vulnerability. This vulnerability stemmed from path validation issues, which could allow malicious data from a specially crafted...

Unity Linux 20.1070a Security Update: git (UTSA-2026-021382)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021382 advisory. Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has clon...

EUVD-2026-14990

sbt: Source dependency feature via crafted VCS URL leads to arbitrary code execution on Windows...

CVE-2021-28954

In Chris Walz bit before 1.0.5 on Windows, attackers can run arbitrary code via a .exe file in a crafted repository...

SUSE CVE-2025-41390

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability...

CVE-2025-41390

A flaw was found in the git functionality of TruffleHog. Scanning a specially crafted git repository copied file-for-file, such as via tar, cp, rsync or other tools, with a malicious core.fsmonitor configuration option specified in the .git/config file can cause arbitrary code execution. Mitigati...

EUVD-2025-35053

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability...

CVE-2025-41390

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability...

Unsafe Dependency Resolution

Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the core.fsmonitor configuration option in the .git/config file. An attacker can execute arbitrary code by convincing a user or tool to scan a specially crafted repository that contains a malicious...

Unsafe Dependency Resolution

Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the core.fsmonitor configuration option in the .git/config file. An attacker can execute arbitrary code by convincing a user or tool to scan a specially crafted repository that contains a malicious...

Unsafe Dependency Resolution

Overview Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the core.fsmonitor configuration option in the .git/config file. An attacker can execute arbitrary code by convincing a user or tool to scan a specially crafted repository that contains a malicious...

CVE-2025-41390

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co. TruffleHog 3.90.2. A specially crafted repository can lead to a arbitrary code execution. An attacker can provide a malicious respository to trigger this vulnerability...

TruffleHog 安全漏洞

TruffleHog is an open source tool from Truffle Security. A security vulnerability exists in TruffleHog version 3.90.2, which stems from a specially crafted repository could lead to arbitrary code execution...

EUVD-2021-2052

Malware in sbrugna...

EUVD-2021-15605

Malware in sbrugna...

EUVD-2016-0016

Malware in sbrugna...

EUVD-2018-19775

Malware in sbrugna...

EUVD-2017-4373

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-0756

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab affecting all versions before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11...

Linux Distros Unpatched Vulnerability : CVE-2024-8041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Denial of Service DoS issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A deni...