CVE-2025-58158P2HIGHCVSS 8.8fixed in 3.3.02025-08-29
CVE-2025-58158 [HIGH] CWE-22 CVE-2025-58158: Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipeli
Harness Open Source is an end-to-end developer platform with Source Control Management, CI/CD Pipelines, Hosted Developer Environments, and Artifact Registries. Prior to version 3.3.0, Open Source Harness git LFS server (Gitness) exposes api to retrieve and upload files via git LFS. Implementation of upload git LFS file api is vulnerable to arbitrary f
nvd