508 matches found
PT-2026-55607
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.26.3 Description Git LFS Large File Storage object reuse allows users with repository access to authorize private source objects even if they lack Code-unit access. Recommendations Update Gitea to version 1.26.3 or...
PT-2026-55598
Name of the Vulnerable Software and Affected Versions Gitea versions prior to 1.25.5 Description LFS push and sync mirror operations do not utilize the migration HTTP transport. This behavior allows LFS requests to bypass the configured migration transport protections. Recommendations Update Gite...
git-lfs security update
An update is available for git-lfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...
git-lfs security update
An update is available for git-lfs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...
RHSA-2026:30855 Red Hat Security Advisory: git-lfs security update
Bulletin has no description...
RHEL 10 : git-lfs (RHSA-2026:30855)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:30855 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing...
Oracle Linux 8 : git-lfs (ELSA-2026-30853)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-30853 advisory. - Backport CVE-2026-39821 fix vendored golang.org/x/net IDNA Tenable has extracted the preceding description block directly from the Oracle Linux security...
AlmaLinux 10 : git-lfs (ALSA-2026:30855)
The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:30855 advisory. golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing CVE-2026-39821 Tenable has extracted the...
Oracle Linux 9 : git-lfs (ELSA-2026-30854)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-30854 advisory. - Fix CVE-2026-39821: vendored golang.org/x/net/idna ToUnicode incorrectly accepting all-ASCII xn-- labels Tenable has extracted the preceding description bloc...
RHSA-2026:30854 Red Hat Security Advisory: git-lfs security update
Bulletin has no description...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Oracle Linux 9 : git-lfs (ELSA-2026-19350)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-19350 advisory. 3.7.1-4 - Rebuild with new Golang - Resolves: RHEL-158765, RHEL-166675, RHEL-167677, RHEL-170838 Tenable has extracted the preceding description block...
CLEANSTART-2026-PE03587 Security fixes for CVE-2021-38561, CVE-2022-27191 applied in versions: 3.1.2-r3, 3.1.2-r4
Multiple security vulnerabilities affect the git-lfs package. These issues are resolved in later releases. See references for individual vulnerability details...
CLEANSTART-2026-RR97166 Security fixes for CVE-2021-38561, CVE-2022-27191 applied in versions: 3.1.2-r3, 3.1.2-r4
Multiple security vulnerabilities affect the git-lfs package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-39821 affecting package git-lfs for versions less than 3.6.1-3
CVE-2026-39821 affecting package git-lfs for versions less than 3.6.1-3. A patched version of the package is available...
Debian dla-4610 : git-lfs - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4610 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 4610-1] git-lfs security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4610-1 [email protected] https://www.debian.org/lts/security/ Andrej Shadura May 31, 2026 https://wiki.debian.org/LTS -...
RLSA-2026:19133 Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 golang:...
git-lfs security update
An update is available for git-lfs. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, video...
git-lfs security update
An update is available for git-lfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...