Vulnerabilities > GIT Annex Project

DATE CVE VULNERABILITY TITLE RISK
2018-07-16 CVE-2018-10857 Information Exposure vulnerability in multiple products
git-annex is vulnerable to a private data exposure and exfiltration attack.
network
low complexity
git-annex-project debian CWE-200
5.0
2018-07-16 CVE-2018-10859 Information Exposure vulnerability in multiple products
git-annex is vulnerable to an Information Exposure when decrypting files.
network
low complexity
git-annex-project debian CWE-200
5.0
2017-08-20 CVE-2017-12976 Improper Input Validation vulnerability in Git-Annex Project Git-Annex
git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117.
network
low complexity
git-annex-project CWE-20
8.8