[SECURITY] Fedora 29 Update: eclipse-jgit-5.2.0-4.fc29

A pure Java implementation of the Git version control system...

kimageformats/kimgio_fuzzer: Crash in BLEND_SOURCE_OVER_ARGB32_WITH_CONST_ALPHA_AVX2

Project: git://anongit.kde.org/kimageformats Detailed report: https://oss-fuzz.com/testcase?key=5765015108321280 Project: kimageformats Fuzzer: aflkimageformatskimgiofuzzer Fuzz target binary: kimgiofuzzer Job Type: aflasankimageformats Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...

GitLab: Persistent XSS via e-mail when creating merge requests

Summary: The vulnerability consists in the ability to create branch names that contain characters such as /. This branch name is sent via e-mail which is rendered as HTML. Description: One way to exploit this is by forking a repository. Then an attacker would create a branch called alert1 and mak...

CVE-2019-4059

IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583...

CVE-2019-4059

IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583...

CVE-2019-4059

IBM Rational ClearCase GIT connector version 1.0.0.0 exposes the document database password due to insufficient protection, allowing an attacker to obtain the password and gain unauthorized access to the document database. Root cause: inadequate protection of local credentials in the GIT connecto...

CVE-2019-4059

IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583...

PT-2019-16871 · Ibm · Ibm Rational Clearcase

Name of the Vulnerable Software and Affected Versions: IBM Rational ClearCase version 1.0.0.0 Description: The issue concerns insufficient protection of the document database password in the GIT connector. This could allow an attacker to obtain the password, resulting in unauthorized access to th...

Lazygit - Simple Terminal UI For Git Commands

A simple terminal UI for git commands, written in Go with the gocui library. Are YOU tired of typing every git command directly into the terminal, but you're too stubborn to use Sourcetree because you'll never forgive Atlassian for making Jira? This is the app for you! Installation Homebrew brew...

Security Bulletin: IBM Rational ClearCase GIT connector password exposure (CVE-2019-4059)

Summary The local database password is not properly protected in the ClearCase GIT connector. Vulnerability Details CVEID: CVE-2019-4059 DESCRIPTION: The ClearCase GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthoriz...

Photon OS 2.0: Git PHSA-2018-2.0-0053

An update of the git package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0053. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121953;...

Photon OS 1.0: Git PHSA-2018-1.0-0145

An update of the git package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0145. The text itself is copyright C VMware, Inc. include"compat.inc"; if description scriptid121844;...

Cross site request forgery (csrf)

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

CVE-2019-1003010

The CVE-2019-1003010 entry concerns Jenkins Git Plugin (versions 3.9.1 and earlier). The issue is a cross-site request forgery in src/main/java/hudson/plugins/git/GitTagAction.java that lets an attacker create a Git tag in a workspace and attach metadata to a build record. The documents do not sp...

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

Netsniff-Ng - A Swiss Army Knife For Your Daily Linux Network Plumbing

netsniff-ng is a free Linux networking toolkit, a Swiss army knife for your daily Linux network plumbing if you will. Its gain of performance is reached by zero-copy mechanisms, so that on packet reception and transmission the kernel does not need to copy packets from kernel space to user space a...

Node.js third-party modules: [glance] Access unlisted internal files/folders revealing sensitive information

I would like to report sensitive information disclosure in glance. Similar to 486933 in ways Module module name: glance version: 3.0.5 npm page: https://www.npmjs.com/package/glance Module Description a quick disposable http server for static files Module Stats weekly downloads 41 Vulnerability...