Git could be made to expose sensitive information ...
Carlo Arenas discovered a flaw in git, a fast, scalable, distributed
revision control system With a crafted URL that contains a newline or
empty host, or lacks a scheme, the credential helper machinery can be
fooled into providing credential information that is not appropriate for
the protocol in use and host being contacted
For the oldstable dis ...
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q) The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one) Git uses ...
Synopsis
Important: rh-git218-git security update
Type/Severity
Security Advisory: Important
Topic
An update for rh-git218-git is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...
Synopsis
Important: git security update
Type/Severity
Security Advisory: Important
Topic
An update for git is now available for Red Hat Enterprise Linux 80 Update Services for SAP SolutionsRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Synopsis
Important: git security update
Type/Severity
Security Advisory: Important
Topic
An update for git is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which g ...
Synopsis
Important: git security update
Type/Severity
Security Advisory: Important
Topic
An update for git is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which g ...
Synopsis
Important: git security update
Type/Severity
Security Advisory: Important
Topic
An update for git is now available for Red Hat Enterprise Linux 81 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System ...
Synopsis
Important: git security update
Type/Severity
Security Advisory: Important
Topic
An update for git is now available for Red Hat Enterprise Linux 77 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System ...
Synopsis
Important: Container-native Virtualization security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 240 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Securi ...
Synopsis
Moderate: OpenShift Container Platform 461 image security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q) The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one) Git uses ...
With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providing credential information that is not appropriate for the protocol in use and host being contacted
Unlike the vulnerability CVE-2020-5260 fixed in v2261, the credentials are not for a host of the attacker's choo ...