576 matches found
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...
ALSA-2024:7136 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...
RHEL 9 : git-lfs (RHSA-2024:7136)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:7136 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
ALSA-2024:7135 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...
CVE-2024-9040 code-projects Blood Bank Management System Password cleartext storage in a file or on disk
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...
CVE-2024-9040 code-projects Blood Bank Management System Password cleartext storage in a file or on disk
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation leads to cleartext storage in a file or on disk. An attack has to be approached locally...
The vulnerability of the generate_filename() function in the django.core.files.storage.Storage class of the Django web application framework allows a malicious actor to write arbitrary files.
The vulnerability of the generatefilename function in the django.core.files.storage.Storage class of the Django web application framework is related to an incorrect path name limitation for restricted directories. Exploiting this vulnerability could allow a malicious actor to write arbitrary file...
AlienVault Authenticated SQL Injection Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.6.1 and below is susceptible to an authenticated SQL...
OESA-2024-2036 python-django security update
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with ...
The vulnerability of the Git-based software platform for collaborative code development on GitLab relates to an error in token processing by LFS. This error allows attackers to gain unauthorized access to protected information and write arbitrary files.
The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to an error in token processing for LFS operations. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information and...
UBUNTU-CVE-2024-3035
A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...
PT-2024-6167 · Unknown +2 · Soft Serve +2
Name of the Vulnerable Software and Affected Versions: Soft Serve versions prior to 0.7.5 Description: The issue is related to Soft Serve passing all environment variables given by the client to git subprocesses, including variables that control program execution, such as LD PRELOAD. This can be...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 9 : git-lfs (RHSA-2024:4543)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4543 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
RHEL 8 : git-lfs (RHSA-2024:4545)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4545 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...
MAL-2024-4590 Malicious code in OCI.DotNetSDK.File.storage (NuGet)
--- -= Per source details. Do not edit below this line.=-...