Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.31 views

openSUSE Security Update : git-annex (openSUSE-2019-497)

This update for git-annex to version 6.20180626 fixes the following issues : - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

7.5CVSS6.8AI score0.01539EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/01/03 12:0 a.m.28 views

Fedora 28 : git-annex (2018-e22c8eb218)

Update to 6.20180626 Security fix for CVE-2018-10857 and CVE-2018-10859 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introduci...

7.5CVSS6.8AI score0.01539EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/09/06 12:0 a.m.33 views

Debian DLA-1495-1 : git-annex security update

The git-annex package was found to have multiple vulnerabilities when operating on untrusted data that could lead to arbitrary command execution and encrypted data exfiltration. CVE-2017-12976 git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an...

10CVSS7.2AI score0.77823EPSS
Exploits12References5
OSV
OSV
added 2018/07/16 6:29 p.m.11 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

7.5CVSS7.5AI score0.01362EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/07/16 6:0 p.m.36 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

5.9CVSS7.3AI score0.01362EPSS
Exploits0References2
CVE
CVE
added 2018/07/16 6:0 p.m.75 views

CVE-2018-10859

git-annex (CVE-2018-10859) is vulnerable to Information Exposure when decrypting files. A malicious server on a special remote could trick git-annex into decrypting data encrypted to the user’s gpg key, exposing encrypted data not stored in git-annex. Public advisories show fixes in git-annex aro...

7.5CVSS7.2AI score0.01362EPSS
Exploits0References2Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2018/07/06 12:9 a.m.76 views

Security update for git-annex (moderate)

This update for git-annex to version 6.20180626 fixes the following issues: - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

0.6AI score0.01539EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/07/06 12:0 a.m.23 views

openSUSE: Security Advisory for git-annex (openSUSE-SU-2018:1896-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.01539EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2018/07/04 12:0 a.m.27 views

[ASA-201807-2] git-annex: multiple issues

Arch Linux Security Advisory ASA-201807-2 ========================================= Severity: High Date : 2018-07-04 CVE-ID : CVE-2018-10857 CVE-2018-10859 Package : git-annex Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-725 Summary ======= The package git-annex...

7.5CVSS0.5AI score0.01539EPSS
Exploits0References5
Rows per page
Query Builder