510 matches found
git-lfs: Git LFS may write to arbitrary files via crafted symlinks
A flaw was found in Git LFS. Running git lfs checkout and git lfs pull in a specially crafted repository, specifically with symbolic or hard links tracked by Git LFS and pointing to files outside the working tree or in a bare repository, can cause Git LFS to write to arbitrary file system locatio...
git-lfs: Git LFS may write to arbitrary files via crafted symlinks
A flaw was found in Git LFS. Running git lfs checkout and git lfs pull in a specially crafted repository, specifically with symbolic or hard links tracked by Git LFS and pointing to files outside the working tree or in a bare repository, can cause Git LFS to write to arbitrary file system locatio...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
AlmaLinux 8 : git-lfs (ALSA-2025:23745)
The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23745 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...
ALSA-2025:23745 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...
ALSA-2025:23744 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...
RHEL 8 : git-lfs (RHSA-2025:23745)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23745 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing t...
RHEL 9 : git-lfs (RHSA-2025:23744)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23744 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing t...
Oracle Linux 8 : git-lfs (ELSA-2025-23745)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-23745 advisory. - Backport CVE-2025-26625 fixes Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has no...
git-lfs security update
3.6.1-4 - Backport fix for CVE-2025-26625 - Resolves: RHEL-122431...
RLSA-2025:23667 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...
git-lfs security update
An update is available for git-lfs. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, video...
RockyLinux 10 : git-lfs (RLSA-2025:23667)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23667 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the...
RHSA-2025:23667 Red Hat Security Advisory: git-lfs security update
Bulletin has no description...
CVE-2025-62002
BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single possibly large file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection ca...
CVE-2025-62002 BullWall Ransomware Containment file count detection bypass
BullWall Ransomware Containment considers the number of files modified to trigger detection. An authenticated attacker could encrypt a single possibly large file without triggering detection if thresholds are configured to require multiple file changes. The number of files to trigger detection ca...
CVE-2025-62002
BullWall Ransomware Containment has a file-modification-based detection mechanism that can be bypassed. An authenticated attacker could encrypt a single large file without triggering alerts when thresholds are configured to require multiple file changes. Affected versions include 4.6.0.0, 4.6.0.6...
git-lfs: Git LFS may write to arbitrary files via crafted symlinks
A flaw was found in Git LFS. Running git lfs checkout and git lfs pull in a specially crafted repository, specifically with symbolic or hard links tracked by Git LFS and pointing to files outside the working tree or in a bare repository, can cause Git LFS to write to arbitrary file system locatio...
Moderate: Red Hat Security Advisory: ruby:3.3 security update
An update for the ruby:3.3 module is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...