Lucene search
K

87 matches found

Prion
Prion
added 2018/07/16 6:29 p.m.22 views

Information disclosure

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

5CVSS7.3AI score0.01362EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/07/16 6:29 p.m.21 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

7.5CVSS6.3AI score0.01362EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2018/07/16 6:29 p.m.30 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

7.5CVSS6.9AI score0.01539EPSS
Exploits0References3
OSV
OSV
added 2018/07/16 6:29 p.m.11 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

7.5CVSS7.5AI score0.01362EPSS
Exploits0References2
OSV
OSV
added 2018/07/16 6:29 p.m.13 views

UBUNTU-CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

7.5CVSS6.9AI score0.01539EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/07/16 6:0 p.m.36 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

5.9CVSS7.3AI score0.01362EPSS
Exploits0References2
CVE
CVE
added 2018/07/16 6:0 p.m.75 views

CVE-2018-10859

git-annex (CVE-2018-10859) is vulnerable to Information Exposure when decrypting files. A malicious server on a special remote could trick git-annex into decrypting data encrypted to the user’s gpg key, exposing encrypted data not stored in git-annex. Public advisories show fixes in git-annex aro...

7.5CVSS7.2AI score0.01362EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2018/07/16 6:0 p.m.59 views

CVE-2018-10859

git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...

7.5CVSS6.5AI score0.01362EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/07/12 12:0 a.m.27 views

Fedora Update for git-annex FEDORA-2018-7e8c49a451

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01539EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/07/12 12:0 a.m.32 views

Fedora Update for git-annex FEDORA-2018-e22c8eb218

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01539EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/12 12:0 a.m.30 views

Fedora 27 : git-annex (2018-7e8c49a451)

Update to 6.20180626 Security fix for CVE-2018-10857 and CVE-2018-10859 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introduci...

7.5CVSS6.8AI score0.01539EPSS
Exploits0References3
Fedora
Fedora
added 2018/07/11 8:22 p.m.38 views

[SECURITY] Fedora 28 Update: git-annex-6.20180626-1.fc28

Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...

7.5CVSS0.6AI score0.01539EPSS
Exploits0
Fedora
Fedora
added 2018/07/11 7:31 p.m.30 views

[SECURITY] Fedora 27 Update: git-annex-6.20180626-1.fc27

Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...

7.5CVSS0.6AI score0.01539EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2018/07/06 12:9 a.m.73 views

Security update for git-annex (moderate)

This update for git-annex to version 6.20180626 fixes the following issues: - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

0.6AI score0.01539EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/07/06 12:9 a.m.76 views

Security update for git-annex (moderate)

This update for git-annex to version 6.20180626 fixes the following issues: - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

0.6AI score0.01539EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2018/07/06 12:0 a.m.30 views

openSUSE Security Update : git-annex (openSUSE-2018-697)

This update for git-annex to version 6.20180626 fixes the following issues : - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...

7.5CVSS6.8AI score0.01539EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2018/07/06 12:0 a.m.23 views

openSUSE: Security Advisory for git-annex (openSUSE-SU-2018:1896-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.01539EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2018/07/06 12:0 a.m.4 views

PT-2018-10145

Name of the Vulnerable Software and Affected Versions git-annex affected versions not specified Description The issue concerns a private data exposure and exfiltration attack in git-annex. It could expose the content of files located outside the git-annex repository or content from a private web...

10CVSS8AI score0.77823EPSS
Exploits12References46
Positive Technologies
Positive Technologies
added 2018/07/06 12:0 a.m.5 views

PT-2018-10146

Name of the Vulnerable Software and Affected Versions git-annex affected versions not specified Description The issue concerns an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's GPG...

10CVSS7.9AI score0.77823EPSS
Exploits12References45
ArchLinux
ArchLinux
added 2018/07/04 12:0 a.m.27 views

[ASA-201807-2] git-annex: multiple issues

Arch Linux Security Advisory ASA-201807-2 ========================================= Severity: High Date : 2018-07-04 CVE-ID : CVE-2018-10857 CVE-2018-10859 Package : git-annex Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-725 Summary ======= The package git-annex...

7.5CVSS0.5AI score0.01539EPSS
Exploits0References5
Rows per page
Query Builder