git-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN.Referenceshttps://lists.debian.org/debian-lts-announce/2018/09/msg00004.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10857
