MAL-2026-4573 Malicious code in git-userhub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 859f77ac10aa89722823e0477f8f6986db2b54dd25b1b2aedb05ee31d5891071 Package name 'git-userhub' is a lookalike of a GitHub-related identity, with no legitimate publisher backing. The package.json declares a postinstall...

Malicious code in git-userhub (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 859f77ac10aa89722823e0477f8f6986db2b54dd25b1b2aedb05ee31d5891071 Package name 'git-userhub' is a lookalike of a GitHub-related identity, with no legitimate publisher backing. The package.json declares a postinstall...

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Exploit for Path Traversal in Gogs

CVE-2025-8110 PoC Python proof-of-concept script for triggerin...

RHSA-2026:19350 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

RHSA-2026:19133 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

Astra Linux - уязвимость в git

Git is a fast, scalable, distributed revision control system with an unusually rich command set. It offers both high-level operations and full access to its internal workings. When reading a config value, Git removes any trailing carriage return and line feed CRLF characters. When writing a confi...

Astra Linux - уязвимость в git

Git is a version control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted .gitmodules file with submodule URLs that were longer than 1024 characters could be used to exploit a bug in...

Astra Linux - уязвимость в git

Git is a distributed revision control system. Versions of Git prior to 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 were vulnerable to privilege escalation on all platforms. A careless user could still be affected by the issue reported in CVE-2022-24765, for example, when...

Astra Linux - уязвимость в git

Git is a version control system. Before versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories containing submodules could be exploited through a bug in Git. This bug allowed an attacker to manipulate the creation of files—specifically, files that were written into the...

Astra Linux - уязвимость в git

Git is a revision control system. The Git project recommends avoiding working in untrusted repositories. Instead, clone the repository first with git clone --no-local to obtain a clean copy. Git has specific protections to ensure that this operation is safe, even when working with untrusted sourc...

Astra Linux - уязвимость в node-hosted-git-info

Packages that use hosted-git-info before version 3.0.8 are vulnerable to Regular Expression Denial of Service ReDoS attacks due to the regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expressions have a polynomial worst-case time complexity...

Astra Linux - уязвимость в git

Git is a fast, scalable, distributed revision control system with a rich set of commands. It offers both high-level operations and full access to its internal workings. When Git requests credentials via a terminal prompt i.e., without using any credential helpers, it prints out the host name for...

Astra Linux - уязвимость в git

Git is a distributed revision control system. git log can display commits in an arbitrary format using its --format specifiers. This functionality is also exposed to git archive via the export-subst gitattribute. When processing the padding operators, there is an integer overflow in...

Astra Linux - уязвимость в git

Git GUI allows you to use Git source control management tools through a graphical interface. When a user clones an untrusted repository and is tricked into editing a file located in a directory with a malicious name in the repository, Git GUI can create and overwrite files for which the user has...

Astra Linux - уязвимость в git

Git is an open-source, scalable, distributed version control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are vulnerable to exposure of sensitive information by malicious actors. When performing a local clone where the source and target of the clone...

Astra Linux - уязвимость в git-lfs

Git LFS is an extension to Git for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository’s working tree with the contents of Git LFS objects, certain Git LFS commands might write to files that are visible outside the current Git working tree, if symboli...

Astra Linux - уязвимость в git

Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. These untrusted parties could create the folder C:.git, which would be included in Git...

Astra Linux - уязвимость в git

Git is a fast, scalable, distributed revision control system with a rich set of commands that provide both high-level operations and full access to its internal workings. Git defines a line-based protocol used to exchange information between Git and Git credential helpers. Some ecosystems...

Astra Linux - уязвимость в libgit2

libgit2 is a portable C implementation of the Git core methods, provided as a linkable library with a robust API. It allows for integrating Git functionality into your application. However, using properly crafted inputs to gitindexadd can lead to heap corruption, which may be exploited for...