EUVD-2025-14277

Malicious code in bioql PyPI...

UBUNTU-CVE-2025-22237

An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process...

UBUNTU-CVE-2024-4982

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server...

CVE-2024-4982 Pagure: path traversal in view_issue_raw_file()

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits a specially cratfted git repository they could discover secrets on the server...

Jujutsu 路径遍历漏洞

Jujutsu is a powerful version control system for software projects from the individual developer Martin von Zweigbergk. A path traversal vulnerability previously existed in Jujutsu version 0.23.0, which stems from the fact that a specially crafted Git repository could cause jj to write files...

RHEL 7 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule CVE-2017-17458 - The conver...

libgit2: Privilege Escalation Vulnerability

Background libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API. Description A vulnerability has been discovered in libgit2. Please review the CVE identifier referenced below for details. Impact Usages of a malicious craft...

CVE-2016-3105

The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name...