3 matches found
Information Exposure
Overview: @finos/git-proxy is a package to deploy custom push protections and policies on top of Git. Affected versions of this package are vulnerable to Information Exposure due to a lack of checking for hidden commits. An attacker can access sensitive repository data by injecting additional commits that ar...
Misinterpretation of Input
Overview: @finos/git-proxy is a package to deploy custom push protections and policies on top of Git. Affected versions of this package are vulnerable to Misinterpretation of Input via the parsePush.ts file. An attacker can bypass approval mechanisms or hide commits by crafting a malicious Git packfile that...
PT-2024-2045 · Nlnet +2 · Unbound +2
Name of the Vulnerable Software and Affected Versions: Unbound versions 1.18.0 through 1.19.1
Description: The issue is related to a denial of service vulnerability caused by an infinite loop in the code. This occurs when Unbound tries to trim extra text fields from EDE records to fit within the...