Lucene search
K

77 matches found

OSV
OSV
added 2023/08/30 6:15 p.m.2 views

DEBIAN-CVE-2023-36811

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS4.9AI score0.00106EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/08/30 6:15 p.m.354 views

CVE-2023-36811

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS5.8AI score0.00106EPSS
Exploits0References15
vulnersOsv
vulnersOsv
added 2023/08/30 6:15 p.m.5 views

borgapi (>=0.1.3.dev1 <=0.6.1), borgini (=1.0.0) +2 more potentially affected by CVE-2023-36811 via borgbackup (>=1.1.13 <=1.2.4)

borgbackup PYPI version =1.1.13, =0.1.3.dev1, =0.12.0, =4.9.0, =4.10.1 Source cves: CVE-2023-36811 Source advisory: OSV:PYSEC-2023-164...

4.7CVSS5.8AI score0.00106EPSS
Exploits0
OSV
OSV
added 2023/08/30 6:15 p.m.2 views

PYSEC-2023-164

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS5.7AI score0.00106EPSS
Exploits0References3
PyPA
PyPA
added 2023/08/30 6:15 p.m.7 views

PYSEC-2023-164

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS6.8AI score0.00106EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2023/08/30 6:15 p.m.18 views

Spoofing

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

1CVSS4.6AI score0.00106EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2023/08/30 6:15 p.m.3 views

UBUNTU-CVE-2023-36811

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS5.7AI score0.00106EPSS
Exploits0References16
Vulnrichment
Vulnrichment
added 2023/08/30 5:32 p.m.14 views

CVE-2023-36811 Archive spoofing vulnerability in borgbackup

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS6.6AI score0.00106EPSS
Exploits0References6
CVE
CVE
added 2023/08/30 5:32 p.m.123 views

CVE-2023-36811

CVE-2023-36811 affects borgbackup. A flaw in the cryptographic authentication scheme allowed an attacker to spoof archives and potentially cause backup data loss in a repository, requiring the ability to insert files into backups and to gain write access to the repository. The issue does not disc...

4.7CVSS4.5AI score0.00106EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2023/08/30 5:32 p.m.44 views

CVE-2023-36811 Archive spoofing vulnerability in borgbackup

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS5AI score0.00106EPSS
Exploits0References6
OSV
OSV
added 2023/08/30 5:32 p.m.12 views

CVE-2023-36811 Archive spoofing vulnerability in borgbackup

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS4.8AI score0.00106EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2023/08/30 5:32 p.m.10 views

CVE-2023-36811

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS4.6AI score0.00106EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2023/08/30 5:32 p.m.17 views

CVE-2023-36811

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

4.7CVSS4.6AI score0.00106EPSS
Exploits0
CNNVD
CNNVD
added 2023/08/30 12:0 a.m.6 views

BorgBackup 数据伪造问题漏洞

BorgBackup is an archiving program that performs deduplication through compression and encryption. A data forgery issue vulnerability exists in BorgBackup versions prior to 1.2.5, which stems from a flaw in the cryptographic authentication scheme in BorgBackup that allows an attacker to forge an...

4.7CVSS5AI score0.00106EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/08/30 12:0 a.m.3 views

PT-2023-25702 · Unknown +1 · Borgbackup +1

Name of the Vulnerable Software and Affected Versions: borgbackup versions prior to 1.2.5 Description: A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an...

6CVSS4.6AI score0.00106EPSS
Exploits0References33
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.3 views

SUSE CVE-2016-10100

Borg aka BorgBackup before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive...

5.3CVSS6.9AI score0.0107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:54 a.m.7 views

SUSE CVE-2016-10099

Borg aka BorgBackup before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest list of archives, potentially allowing an attacker to spoof the list of archives...

5.3CVSS6.9AI score0.0139EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/01/15 12:0 a.m.15 views

Fedora 27 : borgbackup (2017-81115c3047)

upstream version 1.1.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenab...

5.5AI score
Exploits0References1
OpenVAS
OpenVAS
added 2017/12/11 12:0 a.m.9 views

Fedora Update for borgbackup FEDORA-2017-7b0a42338c

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.01938EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/12/11 12:0 a.m.13 views

Fedora Update for borgbackup FEDORA-2017-81115c3047

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.01938EPSS
Exploits0References2
Rows per page
Query Builder