149 matches found
Medium: amazon-ecr-credential-helper
Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...
Medium: amazon-ecr-credential-helper
Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: amazon-ecr-credential-helper Note: This advisory is applicable to Amazon Linux 2 - Ecs Extra. Visit this page to learn...
Medium: amazon-ecr-credential-helper
Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: amazon-ecr-credential-helper Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this pa...
Medium: amazon-ecr-credential-helper
Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: amazon-ecr-credential-helper Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to...
RLSA-2025:11462 Important: git security update
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to wo...
EUVD-2024-2000
Malicious code in bioql PyPI...
EUVD-2025-20679
Malicious code in bioql PyPI...
EUVD-2024-46253
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-41092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running docker login...
CVE-2025-54410 vulnerabilities
Vulnerabilities for packages: bento, helm-mapkubeapis, crossplane, skaffold, ctop, newrelic-infrastructure-agent, promxy, cluster-api-helm-controller, rancher, undock, portieris, docker-credential-gcr, harbor-scanner-trivy, amazon-cloudwatch-agent-operator, xeol, gatekeeper, prometheus,...
CLSA-2025-1755113387 Fix CVE(s): CVE-2025-48386
SECURITY UPDATE: security vulnerability patched - debian/patches/CVE-2025-48386.patch: fix buffer overflow in wcsncat to avoid segmentation fault caused by off-by-one error in the wincred credential helper - CVE-2025-48386...
BIT-GIT-2025-48386 Git allows a buffer overflow in 'wincred' credential helper
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
SUSE CVE-2025-48386
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
ALPINE-CVE-2025-48386
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
CVE-2025-48386 Git allows a buffer overflow in 'wincred' credential helper
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
CVE-2025-48386 Git allows a buffer overflow in 'wincred' credential helper
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
CVE-2025-48386 Git allows a buffer overflow in 'wincred' credential helper
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
UBUNTU-CVE-2025-48386
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
GitHub: CVE-2025-48386 Git Credential Helper Vulnerability
CVE-2025-48386 is regarding a vulnerability in Git where the wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This credential helper does not properly bounds check the available space remaining in the buffer before appending...
Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2025-1039)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1039 advisory. The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly...