
162 matches found

Vulnrichment
added 2024/07/16 9:26 p.m. · 13 views

CVE-2024-5795 Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed resource exhaustion

A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause unbounded resource exhaustion by sending a large payload to the Git server. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version...

CVSS 7.7 · AI score 6.7 · EPSS 0.00299
Exploits 0 · References 5

Cvelist
added 2024/07/16 9:26 p.m. · 30 views

CVE-2024-5795 Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed resource exhaustion

A Denial of Service vulnerability was identified in GitHub Enterprise Server that allowed an attacker to cause unbounded resource exhaustion by sending a large payload to the Git server. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version...

CVSS 7.7 · EPSS 0.00299
Exploits 0 · References 5

Positive Technologies
added 2024/07/16 12:0 a.m. · 3 views

PT-2024-37160 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.14
Description: A Denial of Service issue was identified in GitHub Enterprise Server, allowing an attacker to cause unbounded resource exhaustion by sending a large payload to the Git server. This...

CVSS 7.7 · AI score 7.1 · EPSS 0.00299
Exploits 0 · References 9

RedHat Linux
added 2024/06/26 10:5 a.m. · 3 views

go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients

A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution...

CVSS 9.8 · AI score 7.6 · EPSS 0.04027
Exploits 0 · References 5

RedHat Linux
added 2024/06/14 1:20 p.m. · 1 views

go-git: Maliciously crafted Git server replies can cause DoS on go-git clients

A denial of service (DoS) vulnerability was found in the Go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients...

CVSS 7.5 · AI score 7.1 · EPSS 0.00112
Exploits 0 · References 5

RedHat Linux
added 2024/06/05 2:47 p.m. · 3 views

jenkins-2-plugins: git-server plugin arbitrary file read vulnerability

A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server's file system...

CVSS 6.5 · AI score 5.8 · EPSS 0.00494
Exploits 0 · References 6

RedHat Linux
added 2024/06/05 2:47 p.m. · 3 views

jenkins-2-plugins: git-server plugin arbitrary file read vulnerability

A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server's file system...

CVSS 6.5 · AI score 5.8 · EPSS 0.00494
Exploits 0 · References 6

RedHat Linux
added 2024/06/05 2:46 p.m. · 4 views

jenkins-2-plugins: git-server plugin arbitrary file read vulnerability

A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server's file system...

CVSS 6.5 · AI score 5.8 · EPSS 0.00494
Exploits 0 · References 6

Tenable Nessus
added 2024/05/11 12:0 a.m. · 37 views

RHEL 9 : go-git (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients...

AI score 8 · EPSS 0.04027
Exploits 0 · References 2

Veracode
added 2024/05/08 7:16 a.m. · 21 views

Improper Authorization

org.jenkins-ci.plugins: git-server is vulnerable to Improper Authorization. The vulnerability is due to improper permission checks for read access to a Git repository over SSH. This allows attackers with a previously configured SSH public key but lacking Overall/Read permission to access Git...

CVSS 6.5 · AI score 6.8 · EPSS 0.0007
Exploits 0 · References 3 · Affected Software 1

RedhatCVE
added 2024/05/03 8:53 a.m. · 42 views

CVE-2024-34146

A flaw was found in the Jenkins Git server Plugin, involving inadequate permission validation for reading Git repositories over SSH. Through the manipulation of crafted requests, a malicious actor can attain unauthorized read access to a Git repository over SSH. Subsequently, they could utilize...

CVSS 6.5 · AI score 6.1 · EPSS 0.0007
Exploits 0 · References 5

Github Security Blog
added 2024/05/02 3:30 p.m. · 29 views

Jenkins Git server Plugin does not perform a permission check

Jenkins Git server Plugin 114.v068ac7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH. This allows attackers with a previously configured SSH public key but lacking Overall/Read permission to access Git repositories. Git server Plugin...

CVSS 6.5 · AI score 6.7 · EPSS 0.0007
Exploits 0 · References 4 · Affected Software 1

OSV
added 2024/05/02 2:15 p.m. · 2 views

CVE-2024-34146

Jenkins Git server Plugin 114.v068ac7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories...

CVSS 6.5 · AI score 6.5
Exploits 0 · References 2

AlpineLinux
added 2024/05/02 1:28 p.m. · 3 views

CVE-2024-34146

Jenkins Git server Plugin 114.v068ac7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories...

CVSS 6.5 · AI score 6.7 · EPSS 0.0007
Exploits 0 · References 2

CNNVD
added 2024/05/02 12:0 a.m. · 3 views

Jenkins Plugin Git server security vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...

CVSS 6.5 · AI score 6.2 · EPSS 0.0007
Exploits 0 · References 5

Positive Technologies
added 2024/05/02 12:0 a.m. · 3 views

PT-2024-25717 · Jenkins · Jenkins Git Server Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Git server Plugin versions 114.v068ac7cc2574 and earlier
Description: The issue is related to a lack of permission check for read access to a Git repository over SSH. Attackers with a previously configured SSH public key but lacking...

CVSS 6.5 · AI score 6.8 · EPSS 0.0007
Exploits 0 · References 7

Tenable Nessus
added 2024/05/02 12:0 a.m. · 55 views

Jenkins plugins Multiple Vulnerabilities (2024-05-02)

According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - High Script Security Plugin provides a sandbox feature that allows low privileged users to define scripts, including Pipelines, that are...

CVSS 9.8 · AI score 6.9 · EPSS 0.5636
Exploits 0 · References 6

Tenable Nessus
added 2024/04/28 12:0 a.m. · 43 views

RHEL 8 : Release of OpenShift Serverless Client kn 1.31.1 (RHSA-2024:0880)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0880 advisory. Red Hat OpenShift Serverless Client kn 1.31.1 provides a CLI to interact with Red Hat OpenShift Serverless 1.31.1. The kn CLI is delivered a...

CVSS 9.8 · AI score 7.3 · EPSS 0.52998
Exploits 4 · References 12

RedHat Linux
added 2024/02/20 11:6 a.m. · 1 views

go-git: Maliciously crafted Git server replies can cause DoS on go-git clients

A denial of service (DoS) vulnerability was found in the Go library go-git. This issue may allow an attacker to perform denial of service attacks by providing specially crafted responses from a Git server, which can trigger resource exhaustion in go-git clients...

CVSS 7.5 · AI score 7.1 · EPSS 0.00112
Exploits 0 · References 5

BDU FSTEC
added 2024/02/02 12:0 a.m. · 1 views

The vulnerability of the args4j plugin for Jenkins’ Git server allows a hacker to read the first two lines of arbitrary files.

The vulnerability of the args4j library plugin for Jenkins’ Git server plugin is related to an incorrect restriction on the path name of the restricted directory. Exploiting this vulnerability could allow a malicious actor to read the first two lines of arbitrary files...

CVSS 6.8 · AI score 6.9 · EPSS 0.00494
Exploits 0 · References 5 · Affected Software 1