Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-1011

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.01026EPSS
Exploits1References12
OSV
OSV
added 2023/03/07 8:9 p.m.44 views

GHSA-GC89-7GCR-JXQC Buildkit credentials inlined to Git URLs could end up in provenance attestation

When the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build, these credentials could be visible from the provenance attestation. Git URL can be passed in two ways: 1 Invoking build directly from a URL...

6.5CVSS7AI score0.01026EPSS
Exploits1References8
Github Security Blog
Github Security Blog
added 2023/03/07 8:9 p.m.32 views

Buildkit credentials inlined to Git URLs could end up in provenance attestation

When the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build, these credentials could be visible from the provenance attestation. Git URL can be passed in two ways: 1 Invoking build directly from a URL...

6.5CVSS6.1AI score0.01026EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2023/03/06 7:15 p.m.25 views

CVE-2023-26054

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

6.5CVSS6.8AI score0.01026EPSS
Exploits1References5
Prion
Prion
added 2023/03/06 7:15 p.m.19 views

Race condition

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

4.3CVSS6.5AI score0.01026EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2023/03/06 7:15 p.m.27 views

CVE-2023-26054

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

6.5CVSS6.7AI score0.01026EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/03/06 6:5 p.m.43 views

CVE-2023-26054 Credentials inlined to Git URLs could end up in provenance attestation in BuildKit

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

6.5CVSS7.5AI score0.01026EPSS
Exploits1References5
AlpineLinux
AlpineLinux
added 2023/03/06 6:5 p.m.56 views

CVE-2023-26054

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

6.5CVSS7.4AI score0.01026EPSS
Exploits1
OSV
OSV
added 2023/03/06 6:5 p.m.24 views

CVE-2023-26054 Credentials inlined to Git URLs could end up in provenance attestation in BuildKit

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and the build creates a provenance attestation describing that build,...

6.5CVSS6.3AI score0.01026EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2018/10/03 12:0 a.m.35 views

openSUSE Security Update : zsh (openSUSE-2018-1094)

This update for zsh to version 5.6.2 fixes the following issues : These security issues were fixed : - CVE-2018-0502: The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line bsc1107296 - CVE-2018-13259: Shebang lines exceeding 6...

9.8CVSS8.1AI score0.02723EPSS
Exploits0References14
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/02 12:7 p.m.47 views

Security update for zsh (important)

This update for zsh to version 5.6.2 fixes the following issues: These security issues were fixed: - CVE-2018-0502: The beginning of a ! script file was mishandled, potentially leading to an execve call to a program named on the second line bsc1107296 - CVE-2018-13259: Shebang lines exceeding 64...

7.2CVSS0.4AI score0.02723EPSS
Exploits0References9
Rows per page
Query Builder