Lucene search
K

509 matches found

OSV
OSV
added 2026/04/16 10:48 a.m.14 views

CLSA-2026-1776336504 git-lfs: Fix of CVE-2026-25679

Rebuild with Go 1.25.8 to fix Go standard library CVE - CVE-2026-25679: reject invalid IPv6 host literals in net/url.Parse to prevent URL validation bypass...

7.5CVSS7.3AI score0.0052EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/04/15 12:0 a.m.8 views

AlmaLinux 10 : git-lfs (ALSA-2026:7005)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:7005 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 Tenable has extracted the preceding description block directly from the AlmaLinux...

7.5CVSS5.9AI score0.0052EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/13 12:0 a.m.4 views

MiracleLinux 9 : git-lfs-3.6.1-8.el9_7 (AXSA:2026-420:04)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-420:04 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 Tenable has extracted the preceding description block directly from the MiracleLinu...

7.5CVSS5.9AI score0.0052EPSS
Exploits0References2
OSV
OSV
added 2026/04/10 10:9 a.m.7 views

RHSA-2026:7259 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.5CVSS7.2AI score0.0052EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.5 views

RockyLinux 10 : git-lfs (RLSA-2026:7005)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:7005 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 Tenable has extracted the preceding description block directly from the RockyLinux...

7.5CVSS5.9AI score0.0052EPSS
Exploits0References3
OSV
OSV
added 2026/04/09 10:11 a.m.9 views

RHSA-2026:7005 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.5CVSS7.2AI score0.0052EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.6 views

Oracle Linux 9 : git-lfs (ELSA-2026-7259)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-7259 advisory. 3.6.1-8 - Rebuild with new Golang - Resolves: RHEL-158724 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

7.5CVSS5.9AI score0.0052EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2026/04/09 12:0 a.m.9 views

git-lfs security update

3.6.1-8 - Rebuild with new Golang - Resolves: RHEL-158724...

7.5CVSS7.2AI score0.0052EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.4 views

Oracle Linux 10 : git-lfs (ELSA-2026-7005)

The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-7005 advisory. 3.6.1-8 - Rebuild with new Golang Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

7.5CVSS7.3AI score0.0052EPSS
Exploits0References2
OSV
OSV
added 2026/04/01 9:24 a.m.5 views

CLEANSTART-2026-MF20926 Security fixes for CVE-2021-38561, CVE-2022-27191, CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61728, CVE-2025-61730, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 3.1.2-r3, 3.1.2-r4, 3.7.0-r0, 3.7.0-r2

Multiple security vulnerabilities affect the git-lfs-fips package. These issues are resolved in later releases. See references for individual vulnerability details...

10CVSS7AI score0.03931EPSS
Exploits4References41
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-006282)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006282 advisory. Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the...

8.5CVSS5.9AI score0.0104EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-006283)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006283 advisory. Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of...

8.6CVSS6AI score0.00697EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.4 views

AlmaLinux 8 : git-lfs (ALSA-2026:3985)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:3985 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

10CVSS5.9AI score0.00765EPSS
Exploits1References4
OSV
OSV
added 2026/03/12 11:28 a.m.13 views

CLSA-2026-1773314910 git-lfs: Fix of 3 CVEs

rebuild with newer golang version 1.22.9-1.el92.tuxcare.els6 to fix the following CVE - CVE-2025-61726: limit parsed URL query parameters to mitigate excessive memory consumption during form parsing - CVE-2025-68121: fix TLS session resumption bypass by preventing shared auto-rotated ticket keys...

10CVSS7.1AI score0.00765EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.7 views

MiracleLinux 8 : git-lfs-3.4.1-8.el8_10 (AXSA:2026-288:03)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-288:03 advisory. golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls...

10CVSS7.2AI score0.00765EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.8 views

AlmaLinux 10 : git-lfs (ALSA-2026:4164)

The remote AlmaLinux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:4164 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: net/url: Memory exhaustion in...

10CVSS5.9AI score0.00765EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2026/03/11 12:0 a.m.7 views

Oracle Linux 10 : git-lfs (ELSA-2026-4164)

The remote Oracle Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-4164 advisory. 3.6.1-7 - Rebuild with new Golang 3.6.1-6 - Rebuild with new Golang 3.6.1-5 - Rebuild with new Golang Tenable has extracted the preceding description...

10CVSS7.2AI score0.00765EPSS
Exploits3References4
OSV
OSV
added 2026/03/10 12:1 p.m.6 views

RLSA-2026:3985 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726...

7.5CVSS5.8AI score0.00765EPSS
Exploits1References3
OSV
OSV
added 2026/03/10 10:8 a.m.9 views

RHSA-2026:4164 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.5CVSS5.7AI score0.00765EPSS
Exploits3References27
Tenable Nessus
Tenable Nessus
added 2026/03/10 12:0 a.m.11 views

Oracle Linux 8 : git-lfs (ELSA-2026-3985)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-3985 advisory. 3.4.1-8 - Rebuild with new Golang - Resolves: RHEL-146094, RHEL-149269 Tenable has extracted the preceding description block directly from the Oracle...

10CVSS5.9AI score0.00765EPSS
Exploits1References3
Rows per page
Query Builder