3 matches found
PT-2022-14171 · Gogs · Gogs
Name of the Vulnerable Software and Affected Versions: gogs/gogs versions =0.12.7 Description: A remote command execution issue exists due to improper validation of the tree path parameter during file uploads. An attacker can upload a file into the .git directory by setting tree path=.git.,...
PT-2022-13774
Name of the Vulnerable Software and Affected Versions gogs/gogs versions prior to 0.12.8 Description The issue is related to a Server-Side Request Forgery SSRF in the GitHub repository gogs/gogs. This allows a malicious user to discover services in the internal network through webhook...
Nomad File Sandbox Escape via Container Volume Mount
Summary A vulnerability, CVE-2020-28348, was discovered in Nomad and Nomad Enterprise “Nomad” such that an operator with job submission capabilities can mount the host file system of a client agent and subvert the default Docker file sandbox feature when not explicitly disabled or when using a...