66 matches found
The vulnerabilities of the Transfer-Encoding and Content-Length headers in the Netty network programming framework, related to deficiencies in HTTP request interpretation, allow attackers to compromise data integrity.
The vulnerability of the Transfer-Encoding and Content-Length headers in the Netty network programming framework is related to a lack of proper interpretation of HTTP requests. Exploiting this vulnerability allows an attacker to compromise the integrity of data...
EulerOS 2.0 SP5 : git (EulerOS-SA-2021-2929)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gitconnectgit in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2021-2801)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : git (EulerOS-SA-2021-2801)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - gitconnectgit in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected...
XML External Entity (XXE)
rhino is vulnerable to xml external entity attack. The vulnerability exists due to a lack of sanitization of DOCTYPE and ENTITY declarations to the XML to trick the Java parsers into making protocol requests when parsing XML document...
SUSE-SU-2021:3484-1 Security update for git
This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...
redis: Denial of service via Redis Standard Protocol (RESP) request
A flaw was found in redis. When parsing an incoming Redis Standard Protocol RESP request, redis allocates memory according to user-specified values, which determine the number of elements in the multi-bulk header and size of each element in the bulk header. This flaw allows an unauthenticated,...
The vulnerability of the Redis database management system server, which allows a hacker to cause a service failure
The vulnerability of the Redis database management system is related to errors in processing RESP requests. Exploiting this vulnerability can allow a malicious actor to cause service failures...
openSUSE 15 Security Update : git (openSUSE-SU-2021:1345-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1345-1 advisory. - gitconnectgit in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected...
openSUSE: Security Advisory for git (openSUSE-SU-2021:1345-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Aruba Instant 缓冲区错误漏洞
Aruba Instant is a wireless network. Aruba Instant provides the only Wi-Fi solution that is easy to set up.A buffer overflow vulnerability exists in Aruba Instant, which stems from a boundary error when processing PAPI requests sent to port 8211/UDP. A remote attacker could exploit this...
SUSE SLED15: git / git-arch / git-core / git-cvs / git-daemon / git-doc / etc (SUSE-SU-2021:3300-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3300-1 advisory. - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992. Tenable has...
OPENSUSE-SU-2021:3300-1 Security update for git
This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...
SUSE-SU-2021:3300-1 Security update for git
This update for git fixes the following issues: - CVE-2021-40330: Fixed unexpected cross-protocol requests via newline character in gitconnectgit repository path bsc1189992...
Security update for git (low)
openSUSE Security Update: Security update for git Announcement ID: openSUSE-SU-2021:3300-1 Rating: low References: 1189992 Cross-References: CVE-2021-40330 CVSS scores: CVE-2021-40330 SUSE: 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: openSUSE Leap 15.3 An update that fixes...
OESA-2021-1345 git security update
Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and...
Ubuntu: Security Advisory (USN-5076-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5076-1 git vulnerability
It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests...
USN-5076-1: Git vulnerability
It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests...
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character which may result in unexpected cross-protocol requests as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
...