Vulmon
fossil scm fossil vulnerabilities and exploits
NA
CVE-2022-34009
Fossil 2.18 on Windows allows malicious users to cause a denial of service (daemon crash) via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender ha...
Fossil-scm Fossil 2.18
CVSSv2: 5
CVE-2021-36377
Fossil prior to 2.14.2 and 2.15.x prior to 2.15.2 often skips the hostname check during TLS certificate validation.
Fossil-scm Fossil
Fedoraproject Fedora 34
CVSSv2: 6.5
CVE-2020-24614
Fossil prior to 2.10.2, 2.11.x prior to 2.11.2, and 2.12.x prior to 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.
Fossil-scm Fossil
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Opensuse Leap 15.1
Opensuse Backports Sle 15.0
Opensuse Leap 15.2
CVSSv2: 9.3
CVE-2017-17459
http_transport.c in Fossil prior to 2.4, when the SSH sync protocol is used, allows user-assisted remote malicious users to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, ...
Fossil Scm Fossil
CVSSv2