SUSE CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

CVE-2026-48827

This CVE (CVE-2026-48827) affects Apache MINA SSHD when used as the sshd-git bundle. The vulnerability is a path traversal caused by missing path validation in git-upload-pack, git-receive-pack, and other git operations, allowing SSH-authenticated users to access repositories outside the configur...

CVE-2026-48827 Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

CVE-2026-33748

A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized...

PT-2023-28585 · Unknown · Automataci

Name of the Vulnerable Software and Affected Versions: AutomataCI versions 1.4.1 and below Description: An issue in AutomataCI can let a release job reset the git root repository to the first commit. This is a concern for versions prior to 1.5.0. To mitigate this, ensure the PROJECT PATH RELEASE...

AutomataCI Input Validation Error Vulnerability

AutomataCI is a template git repository by the individual developer HollowayKeanHo. An input validation error vulnerability exists in AutomataCI 1.4.1 and earlier versions, which stems from allowing the release job function to reset the git root repository...