CNNVD-202506-3305 Information

CNNVD ID

CNNVD-202506-3305

Related CVE

CVE-2014-6274

• CNNVD Published: 2025-06-26

Description (Chinese)

git-annex是git-annex开源的一款用于在Git 仓库中管理大文件的工具。 git-annex 3.20121126至5.20140919之前版本存在安全漏洞，该漏洞源于S3和Glacier远程存储中嵌入的AWS凭据未加密存储。

Description (English)

glit-annex is a tool for managing large files in Git-annex warehouses. There was a security loophole in the pre-version version 3.20121126 to 5.20140919, which originated from the unencrypted storage of the embedded AWS in the remote storage of S3 and Glacier.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

git-annex

Published

2025-06-26

Last Modified

2026-02-24

References

https://git-annex.branchable.com/upgrades/insecure_embedded_creds/ https://access.redhat.com/security/cve/cve-2014-6274

Patch

https://git-annex.branchable.com/upgrades/insecure_embedded_creds/