Vulnerability Details CVE-2014-6274
git-annex had a bug in the S3 and Glacier remotes where if embedcreds=yes
was set, and the remote used encryption=pubkey or encryption=hybrid,
the embedded AWS credentials were stored in the git repository
in (effectively) plaintext, not encrypted as they were supposed to be. This issue affects git-annex: from 3.20121126 before 5.20140919.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.6%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2014-6274
-
cpe:2.3:a:git-annex_project:git-annex:3.20121126
-
cpe:2.3:a:git-annex_project:git-annex:3.20121127
-
cpe:2.3:a:git-annex_project:git-annex:3.20121211
-
cpe:2.3:a:git-annex_project:git-annex:3.20130102
-
cpe:2.3:a:git-annex_project:git-annex:3.20130107
-
cpe:2.3:a:git-annex_project:git-annex:3.20130114
-
cpe:2.3:a:git-annex_project:git-annex:3.20130124
-
cpe:2.3:a:git-annex_project:git-annex:3.20130207
-
cpe:2.3:a:git-annex_project:git-annex:3.20130216
-
cpe:2.3:a:git-annex_project:git-annex:4.20130227
-
cpe:2.3:a:git-annex_project:git-annex:4.20130314
-
cpe:2.3:a:git-annex_project:git-annex:4.20130323
-
cpe:2.3:a:git-annex_project:git-annex:4.20130405
-
cpe:2.3:a:git-annex_project:git-annex:4.20130417
-
cpe:2.3:a:git-annex_project:git-annex:4.20130501
-
cpe:2.3:a:git-annex_project:git-annex:4.20130516
-
cpe:2.3:a:git-annex_project:git-annex:4.20130521
-
cpe:2.3:a:git-annex_project:git-annex:4.20130521.1
-
cpe:2.3:a:git-annex_project:git-annex:4.20130521.2
-
cpe:2.3:a:git-annex_project:git-annex:4.20130601
-
cpe:2.3:a:git-annex_project:git-annex:4.20130621
-
cpe:2.3:a:git-annex_project:git-annex:4.20130627
-
cpe:2.3:a:git-annex_project:git-annex:4.20130709
-
cpe:2.3:a:git-annex_project:git-annex:4.20130723
-
cpe:2.3:a:git-annex_project:git-annex:4.20130802
-
cpe:2.3:a:git-annex_project:git-annex:4.20130815
-
cpe:2.3:a:git-annex_project:git-annex:4.20130909
-
cpe:2.3:a:git-annex_project:git-annex:4.20130911
-
cpe:2.3:a:git-annex_project:git-annex:4.20130920
-
cpe:2.3:a:git-annex_project:git-annex:4.20131002
-
cpe:2.3:a:git-annex_project:git-annex:4.20131024
-
cpe:2.3:a:git-annex_project:git-annex:4.20131101
-
cpe:2.3:a:git-annex_project:git-annex:4.20131106
-
cpe:2.3:a:git-annex_project:git-annex:5.20131118
-
cpe:2.3:a:git-annex_project:git-annex:5.20131120
-
cpe:2.3:a:git-annex_project:git-annex:5.20131127
-
cpe:2.3:a:git-annex_project:git-annex:5.20131130
-
cpe:2.3:a:git-annex_project:git-annex:5.20131213
-
cpe:2.3:a:git-annex_project:git-annex:5.20131221
-
cpe:2.3:a:git-annex_project:git-annex:5.20131230
-
cpe:2.3:a:git-annex_project:git-annex:5.20140107
-
cpe:2.3:a:git-annex_project:git-annex:5.20140116
-
cpe:2.3:a:git-annex_project:git-annex:5.20140127
-
cpe:2.3:a:git-annex_project:git-annex:5.20140210
-
cpe:2.3:a:git-annex_project:git-annex:5.20140221
-
cpe:2.3:a:git-annex_project:git-annex:5.20140227
-
cpe:2.3:a:git-annex_project:git-annex:5.20140306
-
cpe:2.3:a:git-annex_project:git-annex:5.20140320
-
cpe:2.3:a:git-annex_project:git-annex:5.20140402
-
cpe:2.3:a:git-annex_project:git-annex:5.20140411
-
cpe:2.3:a:git-annex_project:git-annex:5.20140412
-
cpe:2.3:a:git-annex_project:git-annex:5.20140421
-
cpe:2.3:a:git-annex_project:git-annex:5.20140517
-
cpe:2.3:a:git-annex_project:git-annex:5.20140529
-
cpe:2.3:a:git-annex_project:git-annex:5.20140606
-
cpe:2.3:a:git-annex_project:git-annex:5.20140613
-
cpe:2.3:a:git-annex_project:git-annex:5.20140707
-
cpe:2.3:a:git-annex_project:git-annex:5.20140709
-
cpe:2.3:a:git-annex_project:git-annex:5.20140717
-
cpe:2.3:a:git-annex_project:git-annex:5.20140817
-
cpe:2.3:a:git-annex_project:git-annex:5.20140831
-
cpe:2.3:a:git-annex_project:git-annex:5.20140915