8005 matches found
CVE-2024-24786 affecting package cf-cli for versions less than 8.7.3-3
CVE-2024-24786 affecting package cf-cli for versions less than 8.7.3-3. A patched version of the package is available...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.42 bug fix and security update
Red Hat OpenShift Container Platform release 4.14.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...
Jenkins CLI Subsystem Service Detection (TCP)
TCP based detection of services supporting the Jenkins CLI subsystem. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GO-2024-3310 Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability in github.com/cli/cli
Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability in github.com/cli/cli...
CVE-2024-54132
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
DEBIAN-CVE-2024-54132
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
AZL-54009 CVE-2024-54132 affecting package gh for versions less than 2.13.0-23
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
UBUNTU-CVE-2024-54132
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
GHSA-2M9H-R57G-45PJ Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability
Summary A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. Details This vulnerability stems from a GitHub Actions workflow artifact name...
Downloading malicious GitHub Actions workflow artifact results in path traversal vulnerability
Summary A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. Details This vulnerability stems from a GitHub Actions workflow artifact name...
CVE-2024-54132 GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
CVE-2024-54132
Summary: CVE-2024-54132 affects GitHub CLI (gh). When a user downloads a GitHub Actions workflow artifact named .. using gh run download, the artifact name and the --dir value determine the extraction path, causing files within the artifact to be extracted one directory higher than intended. This...
CVE-2024-54132 GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
CVE-2024-54132 GitHub CLI allows downloading malicious GitHub Actions workflow artifact to result in path traversal vulnerability
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
CVE-2024-54132
The GitHub CLI is GitHub’s official command line tool. A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download. This vulnerability stems from ...
GitHub CLI 路径遍历漏洞
GitHub CLI is the GitHub CLI open source for GitHub on the command line. A path traversal vulnerability exists in GitHub CLI version 2.63.0 and earlier, which stems from the possibility that files may be created or overwritten in unintended directories when a user downloads a malicious GitHub...
Cisco NX-OS Improper Input Validation (CVE-2017-12334)
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attacker would need valid administrator credentials to perform this exploit. The vulnerability is due to insufficient input validation of command...
Cisco NX-OS Improper Input Validation (CVE-2014-8013)
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service device reload via a long CLI command, aka Bug ID CSCur54182. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Cisco NX-OS Command Injection (CVE-2017-12329)
A vulnerability in the CLI of Cisco Firepower Extensible Operating System FXOS and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command arguments to the CLI parser. An attacke...
Cisco NX-OS Improper Input Validation (CVE-2017-12338)
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vulnerability is due to insufficient input validation for a specific CLI command. An attacker could exploit this vulnerability by issuing a crafted...