Skip to main content

Borg

4 CVEs product

Monthly

CVE-2023-36811 PyPI MEDIUM PATCH This Month

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. Rated medium severity (CVSS 4.7).

Information Disclosure Jwt Attack Borg
NVD GitHub
CVSS 3.1
4.7
EPSS
0.1%
CVE-2023-26265 MEDIUM PATCH This Month

The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Borg
NVD GitHub
CVSS 3.1
5.3
EPSS
0.6%
CVE-2016-10100 MEDIUM This Month

Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Borg
NVD
CVSS 3.0
5.3
EPSS
0.1%
CVE-2016-10099 MEDIUM This Month

Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Borg
NVD
CVSS 3.0
5.3
EPSS
0.3%
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

borgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. Rated medium severity (CVSS 4.7).

Information Disclosure Jwt Attack Borg
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

The Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Borg
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM This Month

Borg (aka BorgBackup) before 1.0.9 has a flaw in the way duplicate archive names were processed during manifest recovery, potentially allowing an attacker to overwrite an archive. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Borg
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Borg (aka BorgBackup) before 1.0.9 has a flaw in the cryptographic protocol used to authenticate the manifest (list of archives), potentially allowing an attacker to spoof the list of archives. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Borg
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy