20 matches found
EUVD-2021-2052
Malware in sbrugna...
Important: Red Hat Security Advisory: RHV 4.4 SP1 [ovirt-4.5.3-3] security update
Updated RHV packages that fix several bugs and add various enhancements are now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
isomorphic-git: Directory traversal via a crafted repository
A flaw was found in isomorphic-git. An attacker could cause a Directory Traversal via a crafted filepath in a repository being cloned...
RHEL 8 : RHV 4.4 SP1 [ovirt-4.5.3-3] (RHSA-2023:0074)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0074 advisory. The ovirt-engine package provides the Red Hat Virtualization Manager, a centralized management platform that allows system administrators to...
GHSA-V82V-RQ72-PHQ9 Server side request forgery in @isomorphic-git/cors-proxy
The package @isomorphic-git/cors-proxy before 2.7.1 is vulnerable to Server-side Request Forgery SSRF due to missing sanitization and validation of the redirection action in middleware.js...
Server side request forgery in @isomorphic-git/cors-proxy
The package @isomorphic-git/cors-proxy before 2.7.1 is vulnerable to Server-side Request Forgery SSRF due to missing sanitization and validation of the redirection action in middleware.js...
CVE-2021-23664
CVE-2021-23664 affects @isomorphic-git/cors-proxy before 2.7.1. The vulnerability is Server-side Request Forgery (SSRF) due to missing sanitization and validation of the redirection action in middleware.js. Exploitation details and public disclosures are present in connected advisories (GHSA/Snyk...
isomorphic-git 代码问题漏洞
isomorphic-git is a pure JavaScript implementation of open source git for node and browser environments including WebWorkers and ServiceWorkers. A security vulnerability exists in isomorphic-git cors-proxy versions prior to 2.7.1, which stems from a lack of cleanup and validation of redirect...
Server-side Request Forgery (SSRF)
Overview @isomorphic-git/cors-proxy is a Proxy clone and push requests for the browser Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to missing sanitization and validation of the redirection action in middleware.js. PoC GET...
Directory Traversal in isomorphic-git
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository...
GHSA-FGXQ-P49F-QW99 Directory Traversal in isomorphic-git
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository...
9remote (>=0.1.0 <=0.1.1), @0xlabs/ipfs-github (>=0.0.1 <=0.0.2) +1839 more potentially affected by CVE-2021-30483 via isomorphic-git (>=0.11.3 <=1.8.10)
isomorphic-git NPM version =0.11.3, =0.1.0, =0.0.1, =0.4.0, =0.0.1-alpha, =23.0.0, =35.0.0, =15.0.0, =1.0.1, =0.9.12, =0.3.0-SNAPSHOT.293, =1.0.0, =2.6.0, =1.0.0, =1.1.147 and more Source cves: CVE-2021-30483 Source advisory: OSV:GHSA-FGXQ-P49F-QW99...
isomorphic-git path traversal vulnerability
isomorphic-git is a pure JavaScript implementation of open source git for node and browser environments including WebWorkers and ServiceWorkers. isomorphic-git is vulnerable to path traversal prior to 1.8.2, which stems from the fact that isomorphic-git allows directory traversal via carefully...
CVE-2021-30483
A flaw was found in isomorphic-git. An attacker could cause a Directory Traversal via a crafted filepath in a repository being cloned...
CVE-2021-30483
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository...
CVE-2021-30483
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository...
Directory traversal
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository...
isomorphic-git 路径遍历漏洞
isomorphic-git is a pure JavaScript implementation of open source git for node and browser environments including WebWorkers and ServiceWorkers. isomorphic-git is vulnerable to path traversal prior to 1.8.2, which stems from the fact that isomorphic-git allows directory traversal via carefully...
CVE-2021-30483
CVE-2021-30483 affects isomorphic-git prior to 1.8.2 and is described as a Directory Traversal via a crafted repository. The primary technical detail available: the vulnerability exists in isomorphic-git’s handling of repository data, enabling directory traversal. The effect is implied as path tr...
CVE-2021-30483
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository...