4 matches found
CVE-2025-58158 Harness Affected by Arbitrary File Write in Gitness LFS server
Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation ...
CVE-2025-58158
CVE-2025-58158 affects Harness Open Source Gitness (git LFS server). Prior to version 3.3.0, the upload git LFS file API allowed arbitrary file writes due to improper sanitization of the upload path, enabling a malicious authenticated user with access to the Harness Gitness API to write files any...
Harness Allows Arbitrary File Write in Gitness LFS server
Impact Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation of upload git LFS file api is vulnerable to arbitrary file write. Due to improper sanitization for upload path, a malicious authenticated user who has access to Harness Gitness...
GHSA-W469-HJ2F-JPR5 Harness Allows Arbitrary File Write in Gitness LFS server
Impact Open Source Harness git LFS server Gitness exposes api to retrieve and upload files via git LFS. Implementation of upload git LFS file api is vulnerable to arbitrary file write. Due to improper sanitization for upload path, a malicious authenticated user who has access to Harness Gitness...