GHSA-39P2-8HQ9-FWJ6 GitProxy New Branch Approval Exploit

Summary An attacker can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. Because it can greatly affect system integrity, we classify this as a High impact vulnerability. Details GitProxy checks for the...

GitProxy New Branch Approval Exploit

Summary An attacker can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. Because it can greatly affect system integrity, we classify this as a High impact vulnerability. Details GitProxy checks for the...

GHSA-XXMH-RF63-QWJV GitProxy Backfile Parsing Exploit

Summary An attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts. By embedding a misleading PACK signature within commit content and carefully constructing the packet structure, the attacker can trick the parser into treating invalid or unintended...

GitProxy Backfile Parsing Exploit

Summary An attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts. By embedding a misleading PACK signature within commit content and carefully constructing the packet structure, the attacker can trick the parser into treating invalid or unintended...

kernel: ext4: avoid journaling sb update on error if journal is destroying

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying Presently we always BUGON if trying to start a transaction on a journal marked with JBD2UNMOUNT, since this should never happen. However, while ltp running stress...

CVE-2025-54430

dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Before commit 3f61e79, a critical severity vulnerability has been identified within the .github/workflows/benchmark-bot.yml workflow, where a issuecomme...

CVE-2025-54430

CVE-2025-54430 affects the Deduplicate (dedupe) Python library. The issue resides in the GitHub Actions workflow .github/workflows/benchmark-bot.yml, where an issue_comment can trigger and cause untrusted code to run because the workflow checks out the PR branch via ${{ github.event.issue.number ...

CVE-2025-54430 dedupe is vulnerable to secret exfiltration via `issue_comment`

dedupe is a python library that uses machine learning to perform fuzzy matching, deduplication and entity resolution quickly on structured data. Before commit 3f61e79, a critical severity vulnerability has been identified within the .github/workflows/benchmark-bot.yml workflow, where a issuecomme...

The Fintech Open Source Foundation GitProxy 信息泄露漏洞

The Fintech Open Source Foundation GitProxy is a The Fintech Open Source Foundation Foundation deployment of custom push protections and policies on top of Git. An information disclosure vulnerability exists in The Fintech Open Source Foundation GitProxy versions 1.19.1 and earlier, which stems...

PT-2025-31446 · Gitproxy · Git-Proxy

Name of the Vulnerable Software and Affected Versions: GitProxy versions 1.19.1 and below Description: GitProxy is an application that acts as an intermediary between developers and a Git remote endpoint. A flaw in how GitProxy handles new branch creation allows attackers to bypass the approval o...

PT-2025-31443 · Gitproxy · Git-Proxy

Name of the Vulnerable Software and Affected Versions: GitProxy versions 1.19.1 and below Description: GitProxy is an application that acts as an intermediary between developers and a Git remote endpoint. A crafted malicious Git packfile can exploit the PACK signature detection in the parsePush.t...

CVE-2025-54426 Polkadot Frontier contains silent failure in Curve25519 arithmetic precompiles with malformed points

Polkadot Frontier is an Ethereum and EVM compatibility layer for Polkadot and Substrate. In versions prior to commit 36f70d1, the Curve25519Add and Curve25519ScalarMul precompiles incorrectly handle invalid Ristretto point representations. Instead of returning an error, they silently treat invali...

CVE-2025-38489

CVE-2025-38489: In the Linux kernel (s390/BPF), the on-disk description notes that bpf_arch_text_poke() with new_addr == NULL caused intermittent panics; the fix re‑instates the previously removed correction from commit c730fce7c70c, restoring the intended behavior and adding a clarifying comment...

kernel: ext4: avoid journaling sb update on error if journal is destroying

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying Presently we always BUGON if trying to start a transaction on a journal marked with JBD2UNMOUNT, since this should never happen. However, while ltp running stress...

kernel: ext4: avoid journaling sb update on error if journal is destroying

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying Presently we always BUGON if trying to start a transaction on a journal marked with JBD2UNMOUNT, since this should never happen. However, while ltp running stress...

UBUNTU-CVE-2025-38357

In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncatefoliobatchexceptionals The WARNONONCE is introduced on truncatefoliobatchexceptionals to capture whether the filesystem has removed all DAX entries or not. And the fix has been applied on the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the msm drm module failing to release a synchronization file in a commit error path, which could lead to a...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the msm drm module not properly cleaning up fence in the commit error path, which could lead to a memory lea...

CVE-2025-46354

A denial of service vulnerability exists in the Distributed Transaction Commit/Abort Operation functionality of Bloomberg Comdb2 8.1. A specially crafted network packet can lead to a denial of service. An attacker can send a malicious packet to trigger this vulnerability...

Bloomberg Comdb2 安全漏洞

Bloomberg Comdb2 is a Bloomberg open source distributed relational database management system. A security vulnerability exists in Bloomberg Comdb2 version 8.1, which stems from the distributed transaction commit/abort operations feature being vulnerable to denial of service attacks...