CVE-2018-10859 - log back

CVE-2018-10859 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Information disclosure
Description
+ A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex
References
+ https://git-annex.branchable.com/security/CVE-2018-10857_and_CVE-2018-10859/
Notes