10062 matches found
CVE-2018-10857
CVE-2018-10857 affects the Git-annex project. The vulnerability allows private data exposure by exposing content of files outside the git-annex repository or content from a private web server on localhost or the LAN. Public sources in connected documents indicate that a fix was released in git-an...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
Information disclosure
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
DEBIAN-CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
UBUNTU-CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
CVE-2018-10859
git-annex (CVE-2018-10859) is vulnerable to Information Exposure when decrypting files. A malicious server on a special remote could trick git-annex into decrypting data encrypted to the user’s gpg key, exposing encrypted data not stored in git-annex. Public advisories show fixes in git-annex aro...
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex...
OpenConext-EngineBlock 5.7.3 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications XSS vulnerabilities were found in multiple pages that allows an attacker to inject arbitrary web scripts. The Twig PHP extension configuration was not sanitizing user input before display it to the user. Issues fixed in version 5.7.4 and 5.8.0...
Fedora Update for git-annex FEDORA-2018-e22c8eb218
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for git-annex FEDORA-2018-7e8c49a451
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : git-annex (2018-7e8c49a451)
Update to 6.20180626 Security fix for CVE-2018-10857 and CVE-2018-10859 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introduci...
[SECURITY] Fedora 28 Update: git-annex-6.20180626-1.fc28
Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...
[SECURITY] Fedora 27 Update: git-annex-6.20180626-1.fc27
Git-annex allows managing files with git, without checking the file contents into git. While that may seem paradoxical, it is useful when dealing with f iles larger than git can currently easily handle, whether due to limitations in memory, time, or disk space. It can store large files in many...
UBUNTU-CVE-2018-10887
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in gitdeltaapply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw...
ALPINE-CVE-2018-10888
A flaw was found in libgit2 before version 0.27.3. A missing check in gitdeltaapply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service...
git: path sanity check in is_ntfs_dotgit() can read arbitrary memory
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory...
Important: Red Hat Security Advisory: rh-git29-git security update
An update for rh-git29-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...