CVE-2026-40161

Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the Tekton Pipelines git resolver in API mode sends the system-configured Git API token to a user-controlled serverURL...

CVE-2022-1502

Permissions were not properly verified in the API on projects using version control in Git. This allowed projects to be modified by users with only ProjectView permissions...

PT-2022-20549 · Unknown +1 · Tuleap Enterprise Edition +1

Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 13.10.99.82 Tuleap Enterprise Edition versions prior to 13.10-3 Description: Tuleap does not properly verify permissions when creating branches with the REST API in Git repositories using fine-grained permissions. Use...

Malicious code in com.unity.git.api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6ed2760b4ec200a5403c5cdc919864744dd932e59f73c2a36e22bb5c4f99462a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...