rpm package
suse/brise&distro=SUSE Linux Enterprise Module for Desktop Applications 15 SP6
pkg:rpm/suse/brise&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-21613 | — | < 20230603+git.5fdd2d6-150600.3.8.1 | 20230603+git.5fdd2d6-150600.3.8.1 | Jan 6, 2025 | go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flag | ||
| CVE-2024-45337 | Cri | 9.1 | < 20230603+git.5fdd2d6-150600.3.8.1 | 20230603+git.5fdd2d6-150600.3.8.1 | Dec 12, 2024 | Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that |
- CVE-2025-21613Jan 6, 2025affected < 20230603+git.5fdd2d6-150600.3.8.1fixed 20230603+git.5fdd2d6-150600.3.8.1
go-git is a highly extensible git implementation library written in pure Go. An argument injection vulnerability was discovered in go-git versions prior to v5.13. Successful exploitation of this vulnerability could allow an attacker to set arbitrary values to git-upload-pack flag
- affected < 20230603+git.5fdd2d6-150600.3.8.1fixed 20230603+git.5fdd2d6-150600.3.8.1
Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that