Git LFS Clone Command Exec

Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of...

Use after free in heapless

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...

Data races in rocket

The affected version of rocket contains a Clone trait implementation of LocalRequest that reuses the pointer to inner Request object. This causes data race in rare combinations of APIs if the original and the cloned objects are modified at the same time...

GHSA-8Q2V-67V7-6VC6 Data races in rocket

The affected version of rocket contains a Clone trait implementation of LocalRequest that reuses the pointer to inner Request object. This causes data race in rare combinations of APIs if the original and the cloned objects are modified at the same time...

Use after free in string-interner

Affected versions of this crate did not clone contained strings when an interner is cloned. Interners have raw pointers to the contained strings, and they keep pointing the strings which the old interner owns, after the interner is cloned. If a new cloned interner is alive and the old original...

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

✍️ Description csrf bug to make clone of a role 🕵️‍♂️ Proof of Concept i see everywhere csrf token is checking but during cloning of role, it does not check csrf token .\ Belllow url is vulnerable to csrf attack to make a clone of role...

CVE-2020-36464

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...

CVE-2020-36464

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

Design/Logic Flaw

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.A memory corruption vulnerability exists in versions of Mozilla Rust prior to 0.3.2, which stems from Rust's array-tools crate. for fixedcapacitydequelikes:: clone has an uninitialized memory. An attacker could...

CVE-2021-21865

A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this...

PT-2021-7767 · 3S Smart Software Solutions · Codesys Development System

Name of the Vulnerable Software and Affected Versions: CODESYS Development System version 3.5.16 Description: A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone functionality. This vulnerability can be triggered by a specially crafted file, leadin...

Exploit for Out-of-bounds Write in Sudo_Project Sudo

CVE-2019-18634 N-Day Exploit Slides https://docs.googl...

Security update for git (moderate)

openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2021:2555-1 Rating: moderate References: 1168930 1183026 1183580 SLE-17838 SLE-18152 Cross-References: CVE-2021-21300 CVSS scores: CVE-2021-21300 NVD : 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2021-21300...

CVE-2021-32000

A UNIX Symbolic Link Symlink Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux...

Design/Logic Flaw

A UNIX Symbolic Link Symlink Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux...

CVE-2021-32000

CVE-2021-32000 is a local privilege issue in the clone-master-clean-up.sh script of the clone-master-clean-up utility. A UNIX symlink following vulnerability could allow local attackers to delete arbitrary files on SUSE Linux Enterprise Server 12 SP3 (1.6-4.6.1 and earlier) and 15 SP1 (1.6-3.9.1 ...

CVE-2021-32000 clone-master-clean-up: dangerous file system operations

A UNIX Symbolic Link Symlink Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux...

Micro Focus SUSE Linux Enterprise Server 后置链接漏洞

Micro Focus SUSE Linux Enterprise Server is a suite of enterprise server edition Linux operating systems from Micro Focus in the United Kingdom. A security vulnerability exists in Micro Focus SUSE Linux Enterprise Server, which stems from potentially dangerous file system operations in...