VYPR

rpm package

opensuse/obs-scm-bridge&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/obs-scm-bridge&distro=openSUSE%20Leap%2015.6

Vulnerabilities (6)

  • CVE-2025-46835HigJul 10, 2025
    affected < 0.7.4-150600.14.4.1fixed 0.7.4-150600.14.4.1

    Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite files for which the user ha

  • CVE-2025-27614HigJul 10, 2025
    affected < 0.7.4-150600.14.4.1fixed 0.7.4-150600.14.4.1

    Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python, ...) supplied by the at

  • CVE-2025-27613LowJul 10, 2025
    affected < 0.7.4-150600.14.4.1fixed 0.7.4-150600.14.4.1

    Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must ha

  • CVE-2025-48385HigJul 8, 2025
    affected < 0.7.4-150600.14.4.1fixed 0.7.4-150600.14.4.1

    Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows th

  • CVE-2025-48384KEVJul 8, 2025
    affected < 0.7.4-150600.14.4.1fixed 0.7.4-150600.14.4.1

    Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config

  • CVE-2024-22038HigNov 28, 2024
    affected < 0.5.4-150100.3.6.1fixed 0.5.4-150100.3.6.1

    Various problems in obs-scm-bridge allows attackers that create specially crafted git repositories to leak information of cause denial of service.