Lucene search
+L

29 matches found

nvd
nvd
added 2026/07/07 2:16 p.m.8 views

CVE-2026-44938

A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a Fleet-monitored...

8.8CVSS0.00508EPSS
Exploits0References2
cvelist
cvelist
added 2026/07/07 1:5 p.m.33 views

CVE-2026-44938 Fleet has PSS Bypass through addLabelsFromOptions in Fleet Agent

A vulnerability has been identified in Fleet's agent-side deployer, which did not filter security-sensitive keys from namespaceLabels in fleet.yaml or BundleDeployment.spec.options.namespaceLabels when applying them to the target namespace. An attacker with git push access to a Fleet-monitored...

8.8CVSS0.00508EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 8:45 p.m.4 views

Server-side Request Forgery (SSRF)

Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF in the helm.repo process when the helmRepoURLRegex field is not set on a GitRepo resource. An attacker with git push access to a monitored repository can cause the system to forward Helm authentication...

5.3CVSS6.1AI score0.00386EPSS
Exploits0References2
nvd
nvd
added 2026/06/26 5:16 p.m.9 views

CVE-2026-45408

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

9CVSS0.00234EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/26 4:19 p.m.34 views

CVE-2026-45408 Dokku: OS Command Injection via App Name in Git Pre-Receive Hook

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

9CVSS0.00234EPSS
Exploits0References2
osv
osv
added 2026/06/26 4:19 p.m.2 views

CVE-2026-45408 Dokku: OS Command Injection via App Name in Git Pre-Receive Hook

Dokku is a docker-powered PaaS. Prior to 0.38.2, the app name validation regex ^a-z0-9^/:A-Z$ permits shell metacharacters. When an authenticated user pushes to a git remote with a crafted app name, the name is embedded unquoted into a bash pre-receive hook script via an unquoted heredoc EOF...

9CVSS6.1AI score0.00234EPSS
Exploits0References4
nvd
nvd
added 2026/06/23 5:16 p.m.8 views

CVE-2026-44790

n8n is an open source workflow automation platform. Prior to 1.123.43, 2.22.1, and 2.20.7, an authenticated user with permission to create or modify workflows could inject CLI flags on the Git node's Push operation allowing an attacker to read arbitrary files from the n8n server potentially leadi...

9.4CVSS0.00632EPSS
Exploits0References1
patchstack
patchstack
added 2026/06/16 5:37 p.m.5 views

NPM: n8n: Git Node Clone and Push Operations Bypass File Sandbox

NPM: n8n: Git Node Clone and Push Operations Bypass File Sandbox vulnerability discovered by ? in WordPress Npm n8n versions 1.123.48...

7.7CVSS5.8AI score0.00495EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/06/10 10:11 p.m.10 views

CVE-2026-47734 Dulwich has unbounded memory allocation in receive-pack from crafted thin packs

Dulwich is a pure-Python implementation of the Git file formats and protocols. Starting in version 0.1.0 and prior to version 1.2.5, a client with push access could push a tiny crafted thin pack 174 bytes whose delta header declares a huge destsize. When dulwich ingested it via addthinpack /...

5.7CVSS5.4AI score0.00188EPSS
Exploits0References2
veracode
veracode
added 2026/05/16 5:31 a.m.17 views

Improper Authorization

Fleet is vulnerable to Improper Authorization. The vulnerability is due to incomplete application of ServiceAccount impersonation in certain Helm deployer code paths, which allows an attacker with git push access to read secrets from arbitrary namespaces on downstream clusters...

9.9CVSS6AI score0.00379EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2026/05/13 8:16 a.m.12 views

CVE-2026-41050

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their GitRepo...

9.9CVSS0.00379EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/05/13 8:4 a.m.10 views

CVE-2026-41050 Helm impersonation bypass of `RESTClientGetter` retains `cluster-admin` during template rendering

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their GitRepo...

9.9CVSS5.9AI score0.00379EPSS
Exploits0References2
nessus
nessus
added 2026/05/01 12:0 a.m.10 views

GitHub Enterprise 3.x < 3.14.25 / 3.15.x < 3.15.20 / 3.16.x < 3.16.16 / 3.17.x < 3.17.13 / 3.18.x < 3.18.7 / 3.19.x < 3.19.4 RCE (CVE-2026-3854)

The version of GitHub Enterprise installed on the remote host is affected by a remote code execution vulnerability: - An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote...

8.8CVSS6.7AI score0.35858EPSS
Exploits5References8
github
github
added 2026/04/28 3:30 p.m.16 views

Securing the git push pipeline: Responding to a critical remote code execution vulnerability

On March 4, 2026, we received a vulnerability report through our Bug Bounty program from researchers at Wiz describing a critical remote code execution vulnerability affecting github.com, GitHub Enterprise Cloud, GitHub Enterprise Cloud with Data Residency, GitHub Enterprise Cloud with Enterprise...

8.8CVSS7.4AI score0.35858EPSS
Exploits5
redhatcve
redhatcve
added 2026/03/26 3:4 p.m.10 views

CVE-2026-3854

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly...

8.8CVSS6.4AI score0.35858EPSS
Exploits5References1
euvd
euvd
added 2026/03/10 6:31 p.m.6 views

EUVD-2026-10744

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly...

8.7CVSS6.3AI score0.35858EPSS
Exploits5References7
nvd
nvd
added 2026/03/10 6:19 p.m.7 views

CVE-2026-3854

An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were not properly...

8.8CVSS0.35858EPSS
Exploits5References7
cve
cve
added 2026/03/10 5:37 p.m.88 views

CVE-2026-3854

CVE-2026-3854 describes an RCE vulnerability in GitHub Enterprise Server arising during git push option handling. An attacker with push access could abuse unsanitized user-supplied push option values that are incorporated into internal service headers; because the header format uses a delimiter t...

8.8CVSS6.4AI score0.35858EPSS
Exploits5References7Affected Software1
redhatcve
redhatcve
added 2026/02/07 7:31 p.m.4 views

CVE-2026-23632

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, the endpoint "PUT /repos/:owner/:repo/contents/" does not require write permissions and allows access with read permission only via repoAssignment. After passing the permission check, PutContents invokes UpdateRepoFile,...

6.5CVSS5.5AI score0.00282EPSS
Exploits0References1
snyk
snyk
added 2026/02/06 6:52 p.m.6 views

Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the PutContents function accessible via the /repos/:owner/:repo/contents/ endpoint. A user with read permissions can modify repository contents via git push. Remediation Upgrade gogs.io/gogs/internal/osutil to...

7.1CVSS5.5AI score0.00282EPSS
Exploits0References2
Rows per page
Query Builder