CVE-2018-10857

git-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857 Issue Tracking Third Party Advisory
https://lists.debian.org/debian-lts-announce/2018/09/msg00004.html Mailing List Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:git-annex_project:git-annex:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Information

Published : 2018-07-16 08:29

Updated : 2019-10-09 11:33


NVD link : CVE-2018-10857

Mitre link : CVE-2018-10857

Products Affected
No products.
CWE