283 matches found
CVE-2018-12907
In Rclone 1.42, use of "rclone sync" to migrate data between two Google Cloud Storage buckets might allow attackers to trigger the transmission of any URL's content to Google, because there is no validation of a URL field received from the Google Cloud Storage API server, aka a "RESTLESS" issue...
CVE-2018-12907
CVE-2018-12907 affects rclone 1.42 during data migration between Google Cloud Storage buckets using the rclone sync command. The RESTLESS vulnerability arises from missing validation of a URL field returned by the Google Cloud Storage API server, potentially allowing an attacker to cause the tran...
Reproducing Go binaries byte-by-byte
Fully reproducible builds are important because they bridge the gap between auditable open source and convenient binary artifacts. Technologies like TUF and Binary Transparency provide accountability for what binaries are shipped to users, but that's of limited utility if there is no way short of...