
81 matches found

GitHub Security Blog
added 2024/03/13 12:31 p.m. · 16 views

In Quarkus, git credentials could be inadvertently published

A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk...

CVSS 3.5 · AI score 6.8 · EPSS 0.00595
Exploits: 0 · References: 8 · Affected Software: 1
OSV
added 2024/03/13 10:15 a.m. · 1 view

CVE-2024-1979

A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk...

CVSS 3.5 · AI score 5.7 · EPSS 0.00595
Exploits: 0 · References: 4
NVD
added 2024/03/13 10:15 a.m. · 7 views

CVE-2024-1979

A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk...

CVSS 3.5 · AI score 3.8 · EPSS 0.00595
Exploits: 0 · References: 4
Prion
added 2024/03/13 10:15 a.m. · 13 views

Buffer overflow

A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk...

CVSS 2.1 · AI score 4.1 · EPSS 0.00595
Exploits: 0 · References: 3
CVE
added 2024/03/13 9:41 a.m. · 178 views

CVE-2024-1979

CVE-2024-1979 affects Quarkus with an information leak in the quarkus-kubernetes-deployment component related to annotation handling. The Red Hat advisory RHSA-2024:1662 lists CVE-2024-1979 as a security fix affecting the Red Hat build of Quarkus, specifically noting a security update for Quarkus...

CVSS 3.5 · AI score 4.1 · EPSS 0.00595
Exploits: 0 · References: 4
RedhatCVE
added 2024/03/05 9:30 p.m. · 14 views

CVE-2024-1979

A vulnerability was found in Quarkus. In certain conditions related to the CI process, git credentials could be inadvertently published, which could put the git repository at risk. Mitigation: Ensure that at least one of the preconditions is not present in your environment...

CVSS 3.5 · AI score 3.9 · EPSS 0.00595
Exploits: 0 · References: 4
SUSE CVE
added 2023/03/10 4:2 a.m. · 3 views

SUSE CVE-2023-26054

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

CVSS 6.5 · AI score 6.8 · EPSS 0.01026
Exploits: 1 · References: 3
OSV
added 2023/03/06 7:15 p.m. · 0 views

UBUNTU-CVE-2023-26054

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

CVSS 6.5 · AI score 7 · EPSS 0.01026
Exploits: 1 · References: 6
Positive Technologies
added 2023/03/06 12:0 a.m. · 3 views

PT-2023-20454 · Buildctl +2 · Buildctl +2

Name of the Vulnerable Software and Affected Versions: BuildKit versions v0.11.0 through v0.11.3. Description: The issue arises when a build request contains a Git URL with credentials and creates a provenance attestation describing the build. These credentials could be visible from the provenance...

CVSS 6.5 · AI score 6.2 · EPSS 0.01026
Exploits: 1 · References: 26
SUSE CVE
added 2023/02/15 5:14 a.m. · 3 views

SUSE CVE-2015-6918

salt before 2015.5.5 leaks git usernames and passwords to the log...

CVSS 6.3 · AI score 7 · EPSS 0.01227
Exploits: 0 · References: 4
SUSE CVE
added 2023/02/15 4:0 a.m. · 1 view

SUSE CVE-2020-11008

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260 (GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where some credential is leaked but...

CVSS 5.3 · AI score 9.8 · EPSS 0.03794
Exploits: 2 · References: 8
SUSE CVE
added 2023/02/15 3:22 a.m. · 1 view

SUSE CVE-2022-43756

An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior...

CVSS 7.5 · AI score 7.2 · EPSS 0.00684
Exploits: 0 · References: 4
NVD
added 2023/02/07 1:15 p.m. · 20 views

CVE-2022-43756

An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior...

CVSS 7.5 · AI score 6.1 · EPSS 0.00684
Exploits: 0 · References: 1
OSV
added 2023/02/07 1:15 p.m. · 19 views

CVE-2022-43756

An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior...

CVSS 7.5 · AI score 7.4 · EPSS 0.00684
Exploits: 0 · References: 1
Cvelist
added 2023/02/07 12:0 a.m. · 19 views

CVE-2022-43756 Rancher/Wrangler: Denial of service when processing Git credentials

An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior...

CVSS 5.9 · AI score 7.5 · EPSS 0.00684
Exploits: 0 · References: 1
Vulnrichment
added 2023/02/07 12:0 a.m. · 7 views

CVE-2022-43756 Rancher/Wrangler: Denial of service when processing Git credentials

An Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in SUSE Rancher allows remote attackers to cause denial of service by supplying specially crafted git credentials. This issue affects: SUSE Rancher wrangler version 0.7.3 and prior...

CVSS 5.9 · AI score 7.2 · EPSS 0.00684
Exploits: 0 · References: 1
Veracode
added 2023/01/31 2:39 a.m. · 22 views

Denial Of Service (DoS)

github.com/rancher/wrangler is vulnerable to Denial Of Service (DoS). The vulnerability exists in multiple functions of git.go as it does not properly validate the Git credential user input, which allows an attacker to cause an application crash by providing maliciously crafted Git credentials...

CVSS 7.5 · AI score 7.2 · EPSS 0.00684
Exploits: 0 · References: 6 · Affected Software: 1
OSV
added 2023/01/25 7:40 p.m. · 27 views

GHSA-8FCJ-GF77-47MG Denial of service (DoS) when processing Git credentials

Impact: A denial of service (DoS) vulnerability was discovered in Wrangler Git package affecting versions up to and including v1.0.0. Specially crafted Git credentials can result in a denial of service (DoS) attack on an application that uses Wrangler due to the exhaustion of the available memory and...

CVSS 5.9 · AI score 6.5 · EPSS 0.00684
Exploits: 0 · References: 8
Positive Technologies
added 2023/01/25 12:0 a.m. · 1 view

PT-2023-14312 · Suse · Suse Rancher Wrangler

Name of the Vulnerable Software and Affected Versions: SUSE Rancher wrangler versions 0.7.3 and prior versions; SUSE Rancher wrangler versions 0.8.4 and prior versions; SUSE Rancher wrangler versions 1.0.0 and prior versions. Description: A denial of service vulnerability exists in the Wrangler Git...

CVSS 7.5 · AI score 7.3 · EPSS 0.00684
Exploits: 0 · References: 14
GitHub Security Blog
added 2022/05/24 5:34 p.m. · 22 views

Gitaly Insufficient Session Expiration vulnerability

When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above. Affected versions are: =1.79.0, =13.4, =13.5, 13.5.2...

CVSS 3.2 · AI score 4 · EPSS 0.00271
Exploits: 0 · References: 5 · Affected Software: 1