3 matches found
JLSEC-2025-3 Lack of validation for user-provided fields in GitForge.jl
Description There is a lack of input validation for user-provided values in certain functions. In the GitForge.getrepo function for GitHub, the user can provide any string for the owner and repo fields. These inputs are not validated or safely encoded and are sent directly to the server. Impact...
CVE-2025-50178 GitForge.jl lacks validation for user provided fields
GitForge.jl is a unified interface for interacting with Git "forges." Versions prior to 0.4.3 lack input validation for user provided values in certain functions. In the GitForge.getrepo function for GitHub, the user can provide any string for the owner and repo fields. These inputs are not...
PYSEC-2015-29
RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and other sensitive information via the getrepo API method...