623 matches found
RockyLinux 9 : git-lfs (RLSA-2025:23744)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:23744 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the...
AlmaLinux 9 : git-lfs (ALSA-2025:23744)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23744 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLinu...
AlmaLinux 10 : git-lfs (ALSA-2025:23667)
The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:23667 advisory. git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 Tenable has extracted the preceding description block directly from the AlmaLin...
git-lfs: Git LFS may write to arbitrary files via crafted symlinks
A flaw was found in Git LFS. Running git lfs checkout and git lfs pull in a specially crafted repository, specifically with symbolic or hard links tracked by Git LFS and pointing to files outside the working tree or in a bare repository, can cause Git LFS to write to arbitrary file system locatio...
Moderate: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
RHSA-2025:23745 Red Hat Security Advisory: git-lfs security update
Bulletin has no description...
RHSA-2025:23744 Red Hat Security Advisory: git-lfs security update
Bulletin has no description...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: git-lfs security update
Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: git-lfs: Git LFS may write to arbitrary files via crafted symlinks CVE-2025-26625 For more detai...
RHEL 10 : ruby (RHSA-2025:23927)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23927 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Oracle Linux 9 : git-lfs (ELSA-2025-23744)
The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-23744 advisory. - Backport fix for CVE-2025-26625 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...
git-lfs security update
3.4.1-6 - Backport CVE-2025-26625 fixes - Resolves: RHEL-122423...
Oracle Linux 10 : git-lfs (ELSA-2025-23667)
The remote Oracle Linux 10 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2025-23667 advisory. 3.6.1-4 - Backport fix for CVE-2025-26625 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...
Important: Red Hat Security Advisory: git-lfs security update
An update for git-lfs is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
RHEL 10 : git-lfs (RHSA-2025:23667)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:23667 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing...
RHEL 9 : ruby:3.3 (RHSA-2025:23648)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23648 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Amazon Linux 2023 : git-lfs (ALAS2023-2025-1258)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1258 advisory. Git LFS is a Git extension for versioning large files. In Git LFS versions 0.5.2 through 3.7.0, when populating a Git repository's working tree with the contents of Git LFS objects, certain Gi...
CLSA-2025-1762539123 git-lfs: Fix of 6 CVEs
Rebuild with golang = 1.22.5.tuxcare.els7 to fix CVE-2024-24790, CVE-2024-34156, CVE-2023-45288, CVE-2023-39322, CVE-2023-39321, CVE-2024-24788...
GO-2025-4038 Git LFS may write to arbitrary files via crafted symlinks in github.com/git-lfs/git-lfs
Git LFS may write to arbitrary files via crafted symlinks in github.com/git-lfs/git-lfs...
Malicious Package
Overview lfs-ui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...