5 matches found
MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.161-2.6.12.0.0.1.el7.AXS7 (AXSA:2017-2478:04)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2478:04 advisory. Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to...
The vulnerability of the “credentialhelper” component in the distributed Git version control system, related to insufficient protection of registration data, allows a malicious actor to access confidential information.
The vulnerability of the “credentialhelper” component in the distributed Git version control system is related to insufficient protection of registration data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information through ...
git: Crafted URL containing new lines can cause credential leak
A flaw was found in git. Credentials can be leaked through the use of a crafted URL that contains a newline, fooling the credential helper to give information for a different host. Highest threat from the vulnerability is to data confidentiality...
Fedora 31 : git (2020-cdef88bb89)
Security fix for CVE-2020-5260 From the upstream release notes : With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a newline character in any value pass...
security flaw
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting XSS attacks via style sheet specifiers with invalid 1 "/" and "/" comments, or 2 a newline in a "url" specifier, which is processed by certain web browsers...