Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.18 views

EUVD-2022-5497

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.03677EPSS
Exploits1References11
OSV
OSV
added 2022/05/14 12:55 a.m.20 views

GHSA-W4XH-W33P-4V29 GitHub Git LFS Arbitrary command execution vulnerability

GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a url = line in a .lfsconfig file within a repository. Specific Go Packages Affected github.com/git-lfs/git-lfs/lfsapi...

8.8CVSS8.9AI score0.03677EPSS
Exploits1References11
Github Security Blog
Github Security Blog
added 2022/05/14 12:55 a.m.24 views

GitHub Git LFS Arbitrary command execution vulnerability

GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a url = line in a .lfsconfig file within a repository. Specific Go Packages Affected github.com/git-lfs/git-lfs/lfsapi...

8.8CVSS8.9AI score0.03677EPSS
Exploits1References11Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/12/21 6:29 a.m.4 views

CVE-2017-17831

GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...

8.8CVSS6.1AI score0.03677EPSS
Exploits1References6
Prion
Prion
added 2017/12/21 6:29 a.m.19 views

Arbitrary file deletion

GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...

6.8CVSS9AI score0.03677EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2017/12/21 6:29 a.m.5 views

UBUNTU-CVE-2017-17831

GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...

8.8CVSS7.6AI score0.03677EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2017/12/21 6:0 a.m.26 views

CVE-2017-17831

GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository...

8.8CVSS9.1AI score0.03677EPSS
Exploits1
Rows per page
Query Builder