2 matches found
CVE-2026-54323 Daytona: Git credential leak via git clone with TLS verification disabled
Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.185.0, the daemon's git clone implementation disabled TLS certificate verification. When a clone request carried Git credentials, the daemon sent the HTTP Basic Authorization...
go-git path traversal vulnerability
go-git is go-git open source a pure Go written in a highly scalable git implementation of the library . A path traversal vulnerability exists in versions prior to go-git v5.11 that allows an attacker to create and modify files across file systems...