772 matches found
[SECURITY] Fedora 30 Update: viewvc-1.1.28-1.fc30
ViewVC is a browser interface for CVS and Subversion version control repositories. It generates templatized HTML to present navigable directory, revision, and change log listings. It can display specific versions of files as well as diffs between those versions. Basically, ViewVC provides the bul...
CloudBees Jenkins CVS Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools developed by the US company CloudBees. The product is mainly used to monitor continuous software release/test projects and some scheduled tasks. CVS Plugin is used in one of the CVS...
emacs, git, gitk, gitweb, perl security update
CentOS Errata and Security Advisory CESA-2020:1511. An update for git is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
Important: Red Hat Security Advisory: rh-git218-git security update
An update for rh-git218-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabilit...
Unnamed Vulnerability in GitLab
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab versions 10.8...
[SECURITY] Fedora 32 Update: git-2.26.2-1.fc32
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs a common set of tools which are usually used with a small number of dependencies. To install all git packages,...
The vulnerability of the “quick import-export-marks” option in the distributed Git version control system allows an attacker to trigger a service failure and compromise data integrity.
The vulnerability of the “quick import-export-marks” option in the distributed Git version control system is related to a lack of input validation mechanisms. Exploiting this vulnerability allows attackers to trigger service failures and compromise data integrity...
The vulnerability of the recursive cloning component of the distributed Git version control system allows a hacker to gain unauthorized access to confidential data, cause service failures, and compromise data integrity.
The vulnerability of the recursive cloning component of the distributed version control system Git is related to the lack of a mechanism for verifying input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential data, cause service failures, and...
git: Crafted URL containing new lines can cause credential leak
A flaw was found in git. Credentials can be leaked through the use of a crafted URL that contains a newline, fooling the credential helper to give information for a different host. Highest threat from the vulnerability is to data confidentiality...
CVE-2020-9423
LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version control, shared among users,...
Design/Logic Flaw
LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. Those documents could then be used for multiple tasks, such as version control, shared among users,...
Command Injection
Overview: blamer is a tool for getting information about the author of code from a version control system. Supports git and subversion. Affected versions of this package are vulnerable to Command Injection. It is possible to inject arbitrary commands as part of the arguments provided to blamer. PoC var Root...
CVE-2020-8113
GitLab 10.7 and later through 12.7.2 has Incorrect Access Control...
AFLplusplus
This is a code repository for AFLplusplus, a tool for fuzz testing and vulnerability discovery. The repository contains various files and directories related to the project, including configuration files, makefiles, and documentation. The repository is organized as follows: .clang-format is a...
git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/
An improper input validation flaw was discovered in git in the way it handles git submodules. A remote attacker could abuse this flaw to trick a victim user into recursively cloning a malicious repository, which, under certain circumstances, could fool git into using the same git directory twice...
metasploit-framework
This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to target a vulnerability in a specific product or service, but the exact target is not specified in the provided context. The module is likely intended to be used by penetration testers and...
Debian DLA-1903-1 : subversion security update
Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2018-11782: Ace Olszowka reported that Subversion's svnserve server process may exit when a well-formed read-only request...
The vulnerability of the server process svnserve in the centralized version control system Subversion allows a perpetrator to cause a service failure.
The vulnerability of the server process svnserve in a centralized version control system like Subversion is related to the handling of the null pointer. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service interruptions...
ALSA-2019:2512 Important: subversion:1.10 security update
Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fixes: subversion: NULL pointer dereference in svnserve leading to an...
Important: subversion:1.10 security update
Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fixes: subversion: NULL pointer dereference in svnserve leading to an...