Mageia: 2025-0028 critical: git-lfs credential exfiltration

mageia

January 30, 2025

Git LFS permits exfiltration of credentials via crafted HTTP URLs

Summary

Git LFS permits exfiltration of credentials via crafted HTTP URLs. (CVE-2024-53263)

References

- https://bugs.mageia.org/show_bug.cgi?id=33931

- https://lists.debian.org/debian-security-announce/2025/msg00011.html

- https://www.cve.org/CVERecord?id=CVE-2024-53263

Topics Covered

security advisory security update high severity remote code execution Mageia git-lfs credential exfiltration

Resolution

SRPMS

- 9/core/git-lfs-3.2.0-1.1.mga9

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 30 Jan 2025

URL: https://advisories.mageia.org/MGASA-2025-0028.html

Type: security

CVE: CVE-2024-53263

Topics Covered

security advisory security update high severity remote code execution Mageia git-lfs credential exfiltration

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia: 2025-0028 critical: git-lfs credential exfiltration

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia: 2025-0028 critical: git-lfs credential exfiltration

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!