Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
7.5

Git LFS on Red Hat Systems: Unauthenticated File Access Risk

RHSA-2026:3974
Summary

An update is available for Git Large File Storage (LFS) on Red Hat systems to fix a security issue that could allow an attacker to access files without authentication. This affects systems running Git LFS, which is used to manage large files in Git repositories. Users should update their Git LFS installations to the latest version to protect against this risk.

What to do
  • Update redhat git-lfs to version 0:3.2.0-2.el8_8.6.
  • Update redhat git-lfs-debuginfo to version 0:3.2.0-2.el8_8.6.
  • Update redhat git-lfs-debugsource to version 0:3.2.0-2.el8_8.6.
Affected software
VendorProductAffected versionsFix available
redhat git-lfs <= 0:3.2.0-2.el8_8.6 0:3.2.0-2.el8_8.6
redhat git-lfs-debuginfo <= 0:3.2.0-2.el8_8.6 0:3.2.0-2.el8_8.6
redhat git-lfs-debugsource <= 0:3.2.0-2.el8_8.6 0:3.2.0-2.el8_8.6
redhat git-lfs <= 0:3.2.0-2.el8_8.6 0:3.2.0-2.el8_8.6
redhat git-lfs-debuginfo <= 0:3.2.0-2.el8_8.6 0:3.2.0-2.el8_8.6
redhat git-lfs-debugsource <= 0:3.2.0-2.el8_8.6 0:3.2.0-2.el8_8.6
Published: 9 Mar 2026 · Updated: 13 Mar 2026 · First seen: 9 Mar 2026