10098 matches found

OSV
added 2020/01/29 5:11 a.m. | 8 views

OPENSUSE-SU-2020:0123-1 Security update for git

This update for git fixes the following issues:

Security issues fixed:
- CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice (bsc#1158787).
- CVE-2019-19604: Fixed a recursive clone...

CVSS 9.8 | AI score 7.6 | EPSS 0.2462
Exploits: 1 | References: 21

0day.today
added 2020/01/29 12:0 a.m. | 161 views

Kibana 6.6.1 - CSV Injection Vulnerability

Exploit for windows platform in category web applications Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1...

AI score 7.1
Exploits: 0

exploitpack
added 2020/01/29 12:0 a.m. | 27 views

Kibana 6.6.1 - CSV Injection

Kibana 6.6.1 - CSV Injection Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest...

AI score 7.7
Exploits: 0

OPENSUSE Linux
added 2020/01/29 12:0 a.m. | 86 views

Security update for git (important)

openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2020:0123-1 Rating: important References: 1082023 1149792 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 Cross-References: CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352...

CVSS 9.8 | AI score 7.5 | EPSS 0.2462
Exploits: 1 | References: 11

NVD
added 2020/01/28 4:15 p.m. | 20 views

CVE-2013-4582

The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allow remote authenticated users to include information from local file...

CVSS 6.5 | AI score 6 | EPSS 0.00164
Exploits: 0 | References: 3

CVE
added 2020/01/28 3:17 p.m. | 55 views

CVE-2013-4582

CVE-2013-4582 affects GitLab: the functions create_branch, create_tag, import_project, and fork_project in lib/gitlab_projects.rb allow remote authenticated users to include information from local files into the metadata of a Git repository via the web interface. Affected are GitLab 5.0 up to 5.4...

CVSS 6.5 | AI score 5.8 | EPSS 0.00164
Exploits: 0 | References: 3 | Affected Software: 2

Debian CVE
added 2020/01/28 3:17 p.m. | 23 views

CVE-2013-4582

Removed by vendor...

CVSS 6.5 | AI score 6.6 | EPSS 0.00164
Exploits: 0

NVD
added 2020/01/28 3:15 p.m. | 10 views

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

CVSS 5.5 | AI score 5.4 | EPSS 0.00061
Exploits: 0 | References: 3

OSV
added 2020/01/28 3:15 p.m. | 1 views

DEBIAN-CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

CVSS 5.5 | AI score 6.2 | EPSS 0.00061
Exploits: 0 | References: 1

OSV
added 2020/01/28 3:15 p.m. | 6 views

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

CVSS 5.5 | AI score 5.4
Exploits: 0 | References: 5

UbuntuCve
added 2020/01/28 3:15 p.m. | 18 views

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

CVSS 5.5 | AI score 6.2 | EPSS 0.00061
Exploits: 0 | References: 2

OSV
added 2020/01/28 3:15 p.m. | 0 views

UBUNTU-CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

CVSS 5.5 | AI score 5.9 | EPSS 0.00061
Exploits: 0 | References: 3

Prion
added 2020/01/28 3:15 p.m. | 10 views

Code injection

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

CVSS 3.6 | AI score 6.8 | EPSS 0.00061
Exploits: 0 | References: 3 | Affected Software: 1

CVE
added 2020/01/28 2:38 p.m. | 40 views

CVE-2012-6114

The CVE-2012-6114 issue affects the git-changelog utility in git-extras 1.7.0. A local user can cause a symlink attack targeting /tmp/changelog or /tmp/.git-effort, enabling overwriting of arbitrary files. The root cause is a symlink/privilege-exacerbated file-write vulnerability in the utility’s...

CVSS 5.5 | AI score 5.3 | EPSS 0.00061
Exploits: 0 | References: 3 | Affected Software: 1

Cvelist
added 2020/01/28 2:38 p.m. | 15 views

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

AI score 5.4 | EPSS 0.00061
Exploits: 0 | References: 3

Debian CVE
added 2020/01/28 2:38 p.m. | 15 views

CVE-2012-6114

The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort...

CVSS 5.5 | AI score 5.4 | EPSS 0.00061
Exploits: 0

Tenable Nessus
added 2020/01/28 12:0 a.m. | 50 views

RHEL 8 : git (RHSA-2020:0228)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0228 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a...

CVSS 9.3 | AI score 7.8 | EPSS 0.19687
Exploits: 0 | References: 10

RedHat Linux
added 2020/01/27 8:55 a.m. | 1 views

git: Files inside the .git directory may be overwritten during cloning via NTFS Alternate Data Streams

A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387...

CVSS 9.3 | AI score 8.1 | EPSS 0.2462
Exploits: 0 | References: 5

RedHat Linux
added 2020/01/27 8:55 a.m. | 2 views

git: Arbitrary path overwriting via export-marks in-stream command feature

A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwrite arbitrary...

CVSS 3.6 | AI score 5.9 | EPSS 0.00031
Exploits: 0 | References: 5

RedHat Linux
added 2020/01/27 8:55 a.m. | 1 views

git: Remote code execution in recursive clones with nested submodules

A flaw was discovered where git improperly validates submodules' names used to construct git metadata paths and does not prevent them from being nested in existing directories used to store another submodule's metadata. A remote attacker could abuse this flaw to trick a victim user into cloning a...

CVSS 8.8 | AI score 7.6 | EPSS 0.01944
Exploits: 0 | References: 5