34 matches found
ruby:3.1 security, bug fix, and enhancement update
ruby 3.1.4-143 - Upgrade to Ruby 3.1.4. Resolves: RHEL-5586 - Fix HTTP response splitting in CGI. Resolves: RHEL-5591 - Fix ReDos vulnerability in URI. Resolves: RHEL-28919 Resolves: RHEL-5612 - Fix ReDos vulnerability in Time. Resolves: RHEL-28920 - Make RDoc soft dependency in IRB. Resolves:...
Deserialization Gadget chain in Swift Mailer dependancy
Summary Symfony 1 has a gadget chain due to vulnerable Swift Mailer dependency that would enable an attacker to get remote code execution if a developer unserialize user input in his project. Details This vulnerability present no direct threat but is a vector that will enable remote code executio...
AZL-35082 CVE-2023-51385 affecting package openssh for versions less than 9.7p1-1
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or...
DEBIAN-CVE-2023-51385
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or...
GitHub: CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit`
...
CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit`
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted .gitmodules file with submodule URLs that are longer than 1024 characters can used to exploit a bug in...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab
It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID present in the provided context is CVE-2016-9086. The target product/service or framework is GitLab. The vulnerability class/vector is not explicitly stated, but it is likely related to the mentioned...
ALPINE-CVE-2019-19604
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository...
DEBIAN-CVE-2019-19604
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository...
Atlassian SourceTree 1.2 < 3.1.1 Multiple remote code execution vulnerabilities
The version of Atlassian SourceTree installed on the remote Windows host is version 1.2 prior to 3.1.1. It is, therefore, affected by multiple remote code execution vulnerabilities. - An option injection vulnerability exists in the git submodule component. An unauthenticated, remote attacker can...
Atlassian SourceTree 0.5a < 3.0.17 Multiple remote code execution vulnerabilities
The version of Atlassian SourceTree installed on the remote Windows host is version 0.5a prior to 3.0.17. It is, therefore, affected by multiple remote code execution vulnerabilities. - An option injection vulnerability exists in the git submodule component. An unauthenticated, remote attacker ca...
Git Submodule - Arbitrary Code Execution
CVE-2018-17456 I've gotten a couple of questions about exploitation for the recent RCE in Git. So here we go with some technical details. TL;DR Here is a PoC repository. EDB Note: Mirror https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/45631.zip Exploitation The...
Git Submodule Arbitrary Code Execution Vulnerability
Git is an open source distributed version control system A security vulnerability in the handling of the '-' character in the Git Submodule allows remote attackers to exploit the vulnerability by submitting a special request that can execute arbitrary code...
GitLab: Stored XSS on Files overview by abusing git submodule URL
Vulnerability description There's a stored Cross-Site Scripting XSS vulnerability in the Files overview of a project due to the incorrect handling of a git submodule. This allows an attacker to execute JavaScript in a visitor's session. Proof of concept To reproduce the issue, the attacker needs ...