CVE-2025-15414

A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...

CVE-2025-15414

The CVE-2025-15414 issue affects go-sonic up to version 1.1.4, specifically the FetchTheme function in service/theme/git_fetcher.go of the Theme Fetching API. The root cause is manipulation of the uri argument that enables server-side request forgery (SSRF), with the attack potentially executable...

CVE-2025-15414 go-sonic Theme Fetching API git_fetcher.go FetchTheme server-side request forgery

A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...

OPENSUSE-SU-2025:20130-1 Security update for bash-git-prompt

This update for bash-git-prompt fixes the following issues: - CVE-2025-61659: Fixed an issue where predictable files in /tmp were used for a copy of the git index bsc1247489...

CLSA-2025-1767003835 git-lfs: Fix of CVE-2025-26625

CVE-2025-26625: prevent git lfs checkout and git lfs pull write outside repo...

Exploit for Improper Encoding or Escaping of Output in Git

CVE-2024-52005: ANSI Escape Sequence Injection in Git Over...

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...

AlmaLinux 10 : git-lfs (ALSA-2025:23667)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23667 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLin...

RockyLinux 8 : git-lfs (RLSA-2025:23745)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23745 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the...

RockyLinux 9 : git-lfs (RLSA-2025:23744)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23744 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the...

AlmaLinux 9 : git-lfs (ALSA-2025:23744)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23744 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...

git-lfs: Git LFS may write to arbitrary files via crafted symlinks

A flaw was found in Git LFS. Running git lfs checkout and git lfs pull in a specially crafted repository, specifically with symbolic or hard links tracked by Git LFS and pointing to files outside the working tree or in a bare repository, can cause Git LFS to write to arbitrary file system locatio...

Moderate: Red Hat Security Advisory: ruby security update

An update for ruby is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

RHSA-2025:23745 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

RHSA-2025:23744 Red Hat Security Advisory: git-lfs security update

Bulletin has no description...

Important: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

git-lfs: Git LFS may write to arbitrary files via crafted symlinks

A flaw was found in Git LFS. Running git lfs checkout and git lfs pull in a specially crafted repository, specifically with symbolic or hard links tracked by Git LFS and pointing to files outside the working tree or in a bare repository, can cause Git LFS to write to arbitrary file system locatio...

git-lfs: Git LFS may write to arbitrary files via crafted symlinks

A flaw was found in Git LFS. Running git lfs checkout and git lfs pull in a specially crafted repository, specifically with symbolic or hard links tracked by Git LFS and pointing to files outside the working tree or in a bare repository, can cause Git LFS to write to arbitrary file system locatio...

AlmaLinux 8 : git-lfs (ALSA-2025:23745)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23745 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...

RHEL 10 : ruby (RHSA-2025:23927)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23927 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...