Lucene search
K

506 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.15 views

RHEL 8 : git-lfs (RHSA-2026:20584)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:20584 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing t...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/05/26 4:27 a.m.22 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

7.5CVSS7.3AI score0.00728EPSS
Exploits0References2
Amazon
Amazon
added 2026/05/26 12:0 a.m.26 views

Important: git-lfs

Issue Overview: Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escapi...

7.5CVSS7.2AI score0.00813EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.20 views

TencentOS Server 3: git-lfs (TSSA-2026:0380)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0380 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References5
OSV
OSV
added 2026/05/21 10:8 a.m.12 views

RHSA-2026:19722 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.8CVSS5.7AI score0.00621EPSS
Exploits0References25
OSV
OSV
added 2026/05/21 10:8 a.m.10 views

RHSA-2026:19715 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.8CVSS7.3AI score0.00621EPSS
Exploits0References25
RedHat Linux
RedHat Linux
added 2026/05/20 5:7 p.m.20 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS7.4AI score0.00621EPSS
Exploits0References4
OSV
OSV
added 2026/05/20 10:10 a.m.8 views

RHSA-2026:19350 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.8CVSS5.7AI score0.00728EPSS
Exploits0References33
OSV
OSV
added 2026/05/20 10:9 a.m.8 views

RHSA-2026:19133 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.8CVSS7.3AI score0.00728EPSS
Exploits0References33
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in git-lfs

Git LFS is an extension to Git for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository’s working tree with the contents of Git LFS objects, certain Git LFS commands might write to files that are visible outside the current Git working tree, if symboli...

8.6CVSS7.1AI score0.00707EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 4:19 p.m.20 views

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References5
AlmaLinux
AlmaLinux
added 2026/05/19 12:0 a.m.15 views

Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 golang:...

7.5CVSS7.4AI score0.00728EPSS
Exploits0References10
EUVD
EUVD
added 2026/05/17 12:11 p.m.13 views

EUVD-2018-21853

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...

9.8CVSS6.6AI score0.00589EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/17 12:11 p.m.9 views

CVE-2018-25332

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...

9.8CVSS6.6AI score0.00589EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/05/17 12:11 p.m.42 views

CVE-2018-25332 GitBucket 4.23.1 Unauthenticated Remote Code Execution

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...

9.8CVSS0.00589EPSS
Exploits1References4
OSV
OSV
added 2026/05/14 6:1 p.m.13 views

RLSA-2026:16875 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 golang:...

7.8CVSS7.4AI score0.00728EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-021350)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021350 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is...

7.5CVSS7.1AI score0.00459EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.8 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-021307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021307 advisory. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is us...

9.1CVSS6.6AI score0.00724EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: git-lfs (UTSA-2026-019019)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-019019 advisory. Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Tenable...

7.5CVSS6.9AI score0.01403EPSS
Exploits0References4
OSV
OSV
added 2026/05/13 10:14 a.m.16 views

RHSA-2026:16875 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

7.8CVSS7.3AI score0.00728EPSS
Exploits0References33
Rows per page
Query Builder