Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/05/13 5:32 a.m.5 views

CVE-2026-2725 Improper Authorization in Gerrit allowing Code Review Bypass via "Submitted Together"

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" ta...

6CVSS5.9AI score0.00116EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/13 5:32 a.m.6 views

CVE-2026-2725

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" ta...

6CVSS5.9AI score0.00116EPSS
Exploits0References2
CVE
CVE
added 2026/05/13 5:32 a.m.20 views

CVE-2026-2725

Gerrit CVE-2026-2725 affects Gerrit versions 2.12 and later due to an incorrect authorization in the "submitted together" feature. An authenticated attacker with force-push permissions on a secondary branch can bypass code review and forcefully submit code to restricted branches by submitting a c...

6CVSS5.9AI score0.00116EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.9 views

PT-2026-40576

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" ta...

6CVSS5.9AI score0.00116EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/11/15 11:40 a.m.5 views

gd: Invalid color index not properly handled

It was found that libgd did not properly handle invalid color indexes in GD files. An attacker who could submit a crafted GD file for conversion could cause applications using libgd to crash, leading to denial of service...

7.5CVSS7.3AI score0.06805EPSS
Exploits0References4
Rows per page
Query Builder