9 matches found

NVD
added 2026/06/23 5:17 p.m. | 7 views

CVE-2026-49465

n8n is an open source workflow automation platform. Prior to 1.123.48, 2.21.8, and 2.22.4, an authenticated user with permission to create or modify workflows could supply a local filesystem path as the source repository in the Git node's Clone operation, or as the target repository in the Push...

CVSS 7.7 | EPSS 0.00495
Exploits: 0 | References: 1
Snyk
added 2026/03/30 5:17 p.m. | 3 views

Allocation of Resources Without Limits or Throttling

Overview: Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the handling of .idx files. An attacker with write access to the local repository's .git directory can exhaust system memory by introducing a maliciously crafted .idx file int...

CVSS 6.9 | AI score 5.9 | EPSS 0.00147
Exploits: 0 | References: 3
Microsoft CVE
added 2024/05/17 7:0 a.m. | 5 views

Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will

...

CVSS 3.9 | AI score 6.7 | EPSS 0.00519
Exploits: 1
SUSE CVE
added 2023/08/30 2:14 a.m. | 2 views

SUSE CVE-2023-40590

GitPython is a Python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo that has a git.exe or git...

CVSS 7.8 | AI score 6.9 | EPSS 0.00465
Exploits: 1 | References: 4
OSV
added 2023/08/29 11:33 p.m. | 5 views

GHSA-WFM5-V35H-VWF4 GitPython untrusted search path on Windows systems leading to arbitrary code execution

Summary: When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment (see big warning in https://docs.python.org/3/library/subprocess.html#popen-constructor). GitPython defaults to use the git command, if a user runs GitPython from a repo that has a...

CVSS 8.6 | AI score 7.3 | EPSS 0.00465
Exploits: 1 | References: 9
PyPA
added 2023/08/28 6:15 p.m. | 6 views

PYSEC-2023-161

GitPython is a Python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo that has a git.exe or git...

CVSS 7.8 | AI score 7.6 | EPSS 0.00465
Exploits: 1 | References: 3 | Affected Software: 1
OSV
added 2023/08/28 6:15 p.m. | 2 views

UBUNTU-CVE-2023-40590

GitPython is a Python library used to interact with Git repositories. When resolving a program, Python/Windows look for the current working directory, and after that the PATH environment. GitPython defaults to use the git command, if a user runs GitPython from a repo that has a git.exe or git...

CVSS 7.8 | AI score 7.2 | EPSS 0.00465
Exploits: 1 | References: 4
ThreatPost
added 2021/12/23 7:4 p.m. | 25 views

4-Year-Old Microsoft Azure Zero-Day Exposes Web App Source Code

The Microsoft Azure App Service has a four-year-old vulnerability that could reveal the source code of web apps written in PHP, Python, Ruby or Node, researchers said, that were deployed using Local Git. The bug has almost certainly been exploited in the wild as a zero-day, according to an analys...

AI score 7.4
Exploits: 0 | References: 2
The Hacker News
added 2021/12/23 7:51 a.m. | 52 views

4-Year-Old Bug in Azure App Service Exposed Hundreds of Source Code Repositories

A security flaw has been unearthed in Microsoft's Azure App Service that resulted in the exposure of source code of customer applications written in Java, Node, PHP, Python, and Ruby for at least four years since September 2017. The vulnerability, codenamed "NotLegit," was reported to the tech...

AI score 7.1
Exploits: 0