6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-36811
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgback...
Fedora 39 : borgbackup (2023-467632ecbe)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-467632ecbe advisory. fix for CVE-2023-36811: spoofed archive leads to data loss Please note that starting with borgbackup 1.2.5 all borg repos must use TAM authentication:...
Fedora: Security Advisory for borgbackup (FEDORA-2023-34411d8f77)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
FreeBSD : Borg (Backup) -- flaw in cryptographic authentication scheme in Borg allowed an attacker to fake archives and indirectly cause backup data loss. (b8a52e5a-483d-11ee-971d-3df00e0f9020)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the b8a52e5a-483d-11ee-971d-3df00e0f9020 advisory. - borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A...
borgapi (>=0.1.3.dev1 <=0.6.1), borgini (=1.0.0) +2 more potentially affected by CVE-2023-36811 via borgbackup (>=1.1.13 <=1.2.4)
borgbackup PYPI version =1.1.13, =0.1.3.dev1, =0.12.0, =4.9.0, =4.10.1 Source cves: CVE-2023-36811 Source advisory: OSV:GHSA-8FJR-HGHR-4M99...
CVE-2023-36811
CVE-2023-36811 affects borgbackup. A flaw in the cryptographic authentication scheme allowed an attacker to spoof archives and potentially cause backup data loss in a repository, requiring the ability to insert files into backups and to gain write access to the repository. The issue does not disc...