2 matches found
HSEC-2023-0010 git-annex private data exfiltration to compromised remote
git-annex private data exfiltration to compromised remote Some uses of git-annex were vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN. Joey He...
openSUSE Security Update : git-annex (openSUSE-2019-497)
This update for git-annex to version 6.20180626 fixes the following issues : - CVE-2018-10857: Prevent file content disclosure by refusing to download content that cannot be verified with a hash, from encrypted special remotes and glacier bsc1098062. - CVE-2018-10859: Prevent local gpg encrypted...