AVG-725 log
Package | git-annex |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 6.20180529-18 |
Fixed | 6.20180626-1 |
Current | 10.20240927-2 [extra] |
Ticket | None |
Created | Wed Jun 27 07:47:08 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-10859 | High | Yes | Information disclosure | A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to... |
CVE-2018-10857 | High | Yes | Arbitrary filesystem access | Some uses of git-annex were vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the... |
Date | Advisory | Package | Type |
---|---|---|---|
04 Jul 2018 | ASA-201807-2 | git-annex | multiple issues |