
10098 matches found

Tenable Nessus
added 2018/06/07 12:0 a.m., 37 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Git vulnerabilities (USN-3671-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3671-1 advisory. Etienne Stalmans discovered that git did not properly validate git submodules files. A remote attacker could possibly use this to...

CVSS 7.8 | AI score 8.4 | EPSS 0.4172
Exploits 10 | References 3

OpenVAS
added 2018/06/07 12:0 a.m., 38 views

Ubuntu: Security Advisory (USN-3671-1)

The remote host is missing an update for the...

CVSS 7.8 | AI score 8.1 | EPSS 0.4172
Exploits 10 | References 2

Amazon
added 2018/06/07 12:0 a.m., 24 views

Important: git

Issue Overview: In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory (CVE-2018-11233). In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16...

CVSS 7.8 | AI score 8.6 | EPSS 0.4172
Exploits 10

CNVD
added 2018/06/07 12:0 a.m., 3 views

CloudBees Jenkins Git Plugin Multiple File Server-Side Request Forgery Vulnerability

CloudBees Jenkins is a set of Java-based continuous integration tools from the U.S. company CloudBees, mainly used to monitor continuous software release/testing projects and scheduled tasks. Git Plugin is one of its version control plugins. A...

CVSS 6.4 | AI score 6.6 | EPSS 0.00039
Exploits 0 | References 1

RedhatCVE
added 2018/06/06 2:51 p.m., 31 views

CVE-2018-1000182

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a...

CVSS 6.4 | AI score 5.5 | EPSS 0.00039
Exploits 0 | References 2

OPENSUSE Linux
added 2018/06/06 3:6 a.m., 75 views

Security update for git (important)

This update for git fixes the following security issues: path sanity-checks on NTFS can read arbitrary memory (CVE-2018-11233, boo1095218); arbitrary code execution when recursively cloning a malicious repository (CVE-2018-11235, boo1095219)...

AI score 5.1 | EPSS 0.4172
Exploits 10 | References 2

Tenable Nessus
added 2018/06/06 12:0 a.m., 33 views

openSUSE Security Update : git (openSUSE-2018-557)

This update for git fixes the following security issues: path sanity-checks on NTFS can read arbitrary memory (CVE-2018-11233, boo1095218); arbitrary code execution when recursively cloning a malicious repository (CVE-2018-11235, boo1095219)...

CVSS 7.8 | AI score 8.2 | EPSS 0.4172
Exploits 10 | References 4

OpenVAS
added 2018/06/06 12:0 a.m., 35 views

openSUSE: Security Advisory for git (openSUSE-SU-2018:1553-1)

The remote host is missing an update for the...

CVSS 7.8 | AI score 8.1 | EPSS 0.4172
Exploits 10 | References 2

Ubuntu
added 2018/06/05 10:53 p.m., 66 views

USN-3671-1: Git vulnerabilities

Etienne Stalmans discovered that git did not properly validate git submodules files. A remote attacker could possibly use this to craft a git repo that causes arbitrary code execution when "git clone --recurse-submodules" is used (CVE-2018-11235). It was discovered that an integer overflow existed ...

CVSS 7.8 | AI score 8.2 | EPSS 0.4172
Exploits 10

OSV
added 2018/06/05 10:53 p.m., 7 views

USN-3671-1 git vulnerabilities

Etienne Stalmans discovered that git did not properly validate git submodules files. A remote attacker could possibly use this to craft a git repo that causes arbitrary code execution when "git clone --recurse-submodules" is used (CVE-2018-11235). It was discovered that an integer overflow existed ...

CVSS 7.8 | AI score 7.8 | EPSS 0.4172
Exploits 10 | References 3

NVD
added 2018/06/05 8:29 p.m., 23 views

CVE-2018-1000182

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a...

CVSS 6.4 | AI score 6.3 | EPSS 0.00039
Exploits 0 | References 1

Prion
added 2018/06/05 8:29 p.m., 20 views

Server-side request forgery (SSRF)

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a...

CVSS 5.5 | AI score 6.2 | EPSS 0.00039
Exploits 0 | References 1 | Affected Software 1

OSV
added 2018/06/05 8:29 p.m., 25 views

CVE-2018-1000182

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a...

CVSS 6.4 | AI score 6.5
Exploits 0 | References 1

Cvelist
added 2018/06/05 8:0 p.m., 23 views

CVE-2018-1000182

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a...

AI score 6.6 | EPSS 0.00039
Exploits 0 | References 1

AlpineLinux
added 2018/06/05 8:0 p.m., 32 views

CVE-2018-1000182

A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a...

CVSS 6.4 | AI score 5.5 | EPSS 0.00039
Exploits 0 | References 1

CVE
added 2018/06/05 8:0 p.m., 87 views

CVE-2018-1000182

A server-side request forgery (SSRF) vulnerability exists in Jenkins Git Plugin 3.9.0 and older. In AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, and ViewGitWeb.java, attackers with Overall/Read access can cause Jenkins to send a GET request to a...

CVSS 6.4 | AI score 6.2 | EPSS 0.00039
Exploits 0 | References 1 | Affected Software 1

Photon
added 2018/06/05 12:0 a.m., 32 views

Important Photon OS Security Update - PHSA-2018-0145

Updates of 'git' packages of Photon OS have been released...

CVSS 7.5 | AI score 1.7 | EPSS 0.0031
Exploits 0

OSV
added 2018/06/04 7:29 p.m., 11 views

CVE-2017-16019

GitBook is a command line tool and Node.js library for building beautiful books using GitHub/Git and Markdown or AsciiDoc. Stored cross-site scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader...

CVSS 6.1 | AI score 6.5
Exploits 0 | References 2

NVD
added 2018/06/04 7:29 p.m., 14 views

CVE-2017-16019

GitBook is a command line tool and Node.js library for building beautiful books using GitHub/Git and Markdown or AsciiDoc. Stored cross-site scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader...

CVSS 6.1 | AI score 6.3 | EPSS 0.0024
Exploits 1 | References 2

Prion
added 2018/06/04 7:29 p.m., 11 views

Cross-site scripting

GitBook is a command line tool and Node.js library for building beautiful books using GitHub/Git and Markdown or AsciiDoc. Stored cross-site scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader...

CVSS 4.3 | AI score 6.2 | EPSS 0.0024
Exploits 1 | References 2 | Affected Software 1