7 matches found
EUVD-2022-5497
Malicious code in bioql PyPI...
GHSA-W4XH-W33P-4V29 GitHub Git LFS Arbitrary command execution vulnerability
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a url = line in a .lfsconfig file within a repository. Specific Go Packages Affected github.com/git-lfs/git-lfs/lfsapi...
GitHub Git LFS Arbitrary command execution vulnerability
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a url = line in a .lfsconfig file within a repository. Specific Go Packages Affected github.com/git-lfs/git-lfs/lfsapi...
CVE-2017-17831
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...
Arbitrary file deletion
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...
UBUNTU-CVE-2017-17831
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...
CVE-2017-17831
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...