[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:602325
Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitary code by injecting commands via crafted URLs.

oval:org.secpod.oval:def:1200124
A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the user"s system.

oval:org.secpod.oval:def:44757
git is installed

oval:org.secpod.oval:def:1800994
git is installed

oval:org.secpod.oval:def:501721
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:1501276
git : arbitrary code execution via crafted URLs

oval:org.secpod.oval:def:52657
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it processed an untrusted repository.

oval:org.secpod.oval:def:1503229
Updated git packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available from ...

oval:org.secpod.oval:def:500354
Git is a fast, scalable, distributed revision control system. A cross-site scripting flaw was found in gitweb, a simple web interface for Git repositories. A remote attacker could perform an XSS attack against victims by tricking them into visiting a specially-crafted gitweb URL. All gitweb users ...

oval:org.secpod.oval:def:503491
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:80422
git: fast, scalable, distributed revision control system Details: USN-5376-1 fixed vulnerabilities in Git, some patches were missing to properly fix the issue. This update fixes the problem. Original advisory UNS-5376-1 was missing patches to properly fix the addressed issues.

oval:org.secpod.oval:def:503760
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:1600966
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017.

oval:org.secpod.oval:def:1801254
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017. Fixed In Version:¶ git 2.19.2

oval:org.secpod.oval:def:1801553
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017. Fixed In Version:¶ git 2.19.2

oval:org.secpod.oval:def:1801539
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017. Fixed In Version:¶ git 2.19.2

oval:org.secpod.oval:def:1600833
Mishandling layers of tree objectsGit through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its ...

oval:org.secpod.oval:def:1801253
CVE-2018-16843: Excessive memory consumption via flaw in HTTP/2 implementation¶ Affected Versions:¶ nginx 1.9.5 - 1.15.5. Fixed In Version:¶ nginx 1.15.6, nginx 1.14.1

oval:org.secpod.oval:def:52385
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it received specially crafted changes from a remote repository.

oval:org.secpod.oval:def:109673
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs the core tools with minimal dependencies. To install all git packages, including tools for integrating with othe ...

oval:org.secpod.oval:def:62956
Carlo Arenas discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providing credential information that is not appropriate for the protocol in u ...

oval:org.secpod.oval:def:62955
Felix Wilhelm of Google Project Zero discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline, the credential helper machinery can be fooled to return credential information for a wrong host.

oval:org.secpod.oval:def:1500450
git is installed

oval:org.secpod.oval:def:62964
git: fast, scalable, distributed revision control system Git could be made to expose sensitive information.

oval:org.secpod.oval:def:702381
git is installed

oval:org.secpod.oval:def:1500098
Updated git packages that fix one security issue are now available forRed Hat Enterprise Linux 6.The Red Hat Security Response Team has rated this update as having moderatesecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rating, is available from the ...

oval:org.secpod.oval:def:702369
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it received specially crafted changes from a remote repository.

oval:org.secpod.oval:def:204185
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:49228
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:89044797
This update for git fixes the following issues: This security issue was fixed: - CVE-2017-14867: Git used unsafe Perl scripts to support subcommands such as cvsserver, which allowed attackers to execute arbitrary OS commands via shell metacharacters in a module name .

oval:org.secpod.oval:def:703534
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it explored a specially crafted repository.

oval:org.secpod.oval:def:70194
git: fast, scalable, distributed revision control system Git could be made to expose sensitive information.

oval:org.secpod.oval:def:38122
git sub packages are installed

oval:org.secpod.oval:def:66545
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:702894
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it processed an untrusted repository.

oval:org.secpod.oval:def:89044756
This update for git fixes the following issues: - git 2.12.3: * CVE-2017-8386: Fix git-shell not to escape with the starting dash name * Fix for potential segv introduced in v2.11.0 and later * Misc fixes and cleanups. - git 2.12.2: * CLI output fixes * Dump http transport fixes * various fixes for ...

oval:org.secpod.oval:def:89044992
This update for git fixes the following issues: - CVE-2017-1000117: A client side code execution via shell injection when receiving special submodule strings from a malicious server was fixed

oval:org.secpod.oval:def:113268
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:113304
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:113560
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:89419
git: fast, scalable, distributed revision control system Details: USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Original advisory USN-5810-1 introduced a regression in Git.

oval:org.secpod.oval:def:703035
git: fast, scalable, distributed revision control system Git could be made to crash or run programs as your login if it received changes from a specially crafted remote repository.

oval:org.secpod.oval:def:110321
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:203883
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:110354
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs the core tools with minimal dependencies. To install all git packages, including tools for integrating with othe ...

oval:org.secpod.oval:def:400719
This update for git fixes a buffer overflow issue that had the potential to be abused for remote execution of arbitrary code .

oval:org.secpod.oval:def:115565
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:115561
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:51026
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:89049768
This update for git fixes the following issues: Security issue fixed: - CVE-2018-19486: Fixed git that executed commands from the current working directory in certain cases involving the run_command API and run-command.c, because there was .

oval:org.secpod.oval:def:1700102
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017.

oval:org.secpod.oval:def:202596
Git is a fast, scalable, distributed revision control system. It was discovered that Git"s git-imap-send command, a tool to send a collection of patches from standard input to an IMAP folder, did not properly perform SSL X.509 v3 certificate validation on the IMAP server"s certificate, as it did no ...

oval:org.secpod.oval:def:203878
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:501797
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:52743
git: fast, scalable, distributed revision control system Git could be made to crash or run programs as your login if it received changes from a specially crafted remote repository.

oval:org.secpod.oval:def:1600370
An integer truncation flaw and an integer overflow flaw , both leading to a heap-based buffer overflow, were found in the way Git processed certain path information. A remote attacker could create a specially crafted Git repository that would cause a Git client or server to crash or, possibly, execu ...

oval:org.secpod.oval:def:602429
Lael Cellier discovered two buffer overflow vulnerabilities in git, a fast, scalable, distributed revision control system, which could be exploited for remote execution of arbitrary code.

oval:org.secpod.oval:def:204548
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:501007
Git is a fast, scalable, distributed revision control system. It was discovered that Git"s git-imap-send command, a tool to send a collection of patches from standard input to an IMAP folder, did not properly perform SSL X.509 v3 certificate validation on the IMAP server"s certificate, as it did no ...

oval:org.secpod.oval:def:75950
git: fast, scalable, distributed revision control system Git incorrectly handled certain repository paths.

oval:org.secpod.oval:def:119578
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:1801872
On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters , Git could be fooled into running remote code during a clone.added edge tag:security v3.10 v3.11 v3.12 v3.13 labels

oval:org.secpod.oval:def:1801742
git: Crafted URL containing new lines, empty host or lacks a scheme can cause credential leak

oval:org.secpod.oval:def:502084
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:1501965
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:52850
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it explored a specially crafted repository.

oval:org.secpod.oval:def:44749
It was found that the Git client printed server-sent ANSI escape codes to the terminal without any sanitization, leading to execution of arbitrary escape sequences in the terminal emulator. Exploitation of this flaw by a MitM attacker could potentially result in code execution, arbitrary file writes ...

oval:org.secpod.oval:def:44754
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a M ...

oval:org.secpod.oval:def:44760
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a M ...

oval:org.secpod.oval:def:44763
The host is installed with git and is prone to an input validation error vulnerability. A flaw is present in the application, which fails to handle the terminal configuration to RCE. Successful exploitation could allow attackers to execute arbitrary commands for unverified messages.

oval:org.secpod.oval:def:2000349
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, .

oval:org.secpod.oval:def:1900095
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messingup terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, .

oval:org.secpod.oval:def:703837
git: fast, scalable, distributed revision control system Git be made to run programs if it processed a specially crafted file.

oval:org.secpod.oval:def:1600711
Escape out of git-shellA flaw was found in the way git-shell handled command-line options for the restricted set of git-shell commands. A remote authenticated attacker could use this flaw to bypass git-shell restrictions, to view and manipulate files, by abusing the instance of the less command laun ...

oval:org.secpod.oval:def:113045
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:113040
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:1600763
Command injection via malicious ssh URLs:A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "c ...

oval:org.secpod.oval:def:703599
git: fast, scalable, distributed revision control system Git could be made to expose sensitive information over the network.

oval:org.secpod.oval:def:51910
git: fast, scalable, distributed revision control system Git be made to run programs if it processed a specially crafted file.

oval:org.secpod.oval:def:603120
joernchen discovered that the git-cvsserver subcommand of Git, a distributed version control system, suffers from a shell command injection vulnerability due to unsafe use of the Perl backtick operator. The git-cvsserver subcommand is reachable from the git-shell subcommand even if CVS support has n ...

oval:org.secpod.oval:def:1600791
The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately user input is used within some of those invocations

oval:org.secpod.oval:def:51788
git: fast, scalable, distributed revision control system Git could be made to expose sensitive information over the network.

oval:org.secpod.oval:def:602873
Timo Schmid of ERNW GmbH discovered that the Git git-shell, a restricted login shell for Git-only SSH access, allows a user to run an interactive pager by causing it to spawn "git upload-pack --help".

oval:org.secpod.oval:def:112363
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:1501950
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:502122
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:502123
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:1501964
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:112423
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:703753
git: fast, scalable, distributed revision control system Git could be made run programs as your login if it opened a specially crafted git repository.

oval:org.secpod.oval:def:51867
git: fast, scalable, distributed revision control system Git could be made run programs as your login if it opened a specially crafted git repository.

oval:org.secpod.oval:def:603052
Joern Schneeweisz discovered that git, a distributed revision control system, did not correctly handle maliciously constructed ssh:// URLs. This allowed an attacker to run an arbitrary shell command, for instance via git submodules.

oval:org.secpod.oval:def:113737
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:52126
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:2000644
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structu ...

oval:org.secpod.oval:def:704401
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:113666
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:113569
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:705440
git: fast, scalable, distributed revision control system Git could be made to expose sensitive information.

oval:org.secpod.oval:def:1700329
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260 . The fix for that bug still left the door open for an exploit where _some_ credential is leaked . Git uses external "cr ...

oval:org.secpod.oval:def:89000402
This update for git to 2.26.2 fixes the following issues: Security issue fixed: - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted . Non-security issue fixed: - ...

oval:org.secpod.oval:def:2004678
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka "Git for Visual Studio Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387.

oval:org.secpod.oval:def:89000456
This update for git fixes the following issues: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host .

oval:org.secpod.oval:def:2004680
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka "Git for Visual Studio Tampering Vulnerability".

oval:org.secpod.oval:def:2004675
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka "Git for Visual Studio Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.

oval:org.secpod.oval:def:604808
Carlo Arenas discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper machinery can be fooled into providing credential information that is not appropriate for the protocol in u ...

oval:org.secpod.oval:def:604807
Felix Wilhelm of Google Project Zero discovered a flaw in git, a fast, scalable, distributed revision control system. With a crafted URL that contains a newline, the credential helper machinery can be fooled to return credential information for a wrong host.

oval:org.secpod.oval:def:89000608
This update for git fixes the following issues: Security issue fixed: - CVE-2020-5260: With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host . Non-security issue fixed: git was updated to 2.26.0 for SHA256 supp ...

oval:org.secpod.oval:def:89047302
This update for git fixes the following issues: Update from version 2.26.2 to version 2.31.1 Security fixes: - CVE-2021-21300: On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters , Git could run remote code duri ...

oval:org.secpod.oval:def:89047158
This update for git fixes the following issues: - On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters , Git could be fooled into running remote code during a clone

oval:org.secpod.oval:def:126489
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:87851
A vulnerability was found in Git. This security issue occurs when feeding a crafted input to "git apply." A path outside the working tree can be overwritten by the user running "git apply."

oval:org.secpod.oval:def:3300000
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:610427
Brief introduction CVE-2023-22490 yvvdwf found a data exfiltration vulnerbility while performing local clone from malicious repository even using a non-local transport. CVE-2023-23946 Joern Schneeweisz found a path traversal vulnerbility in git-apply that a path outside the working tree can be overw ...

oval:org.secpod.oval:def:87850
A vulnerability was found in Git. Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links (CVE-2022-39253), the objects d ...

oval:org.secpod.oval:def:89460
git: fast, scalable, distributed revision control system Details: USN-5871-1 fixed vulnerabilities in Git. A backport fixing part of the vulnerability in CVE-2023-22490 was required. This update fix this for Linux Mint 19.x LTS. Original advisory USN-5871-1 caused a regression.

oval:org.secpod.oval:def:19500074
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local c ...

oval:org.secpod.oval:def:89459
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:89359
Brief introduction CVE-2023-22490 yvvdwf found a data exfiltration vulnerbility while performing local clone from malicious repository even using a non-local transport. CVE-2023-23946 Joern Schneeweisz found a path traversal vulnerbility in git-apply that a path outside the working tree can be overw ...

oval:org.secpod.oval:def:1701211
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local c ...

oval:org.secpod.oval:def:1506450
[1.8.3.1-24] - Fixes CVE-2022-23521 and CVE-2022-41903 - Resolves: #2162067

oval:org.secpod.oval:def:89048148
This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the "git archive" and "git log --format" commands . - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file .

oval:org.secpod.oval:def:89048144
This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the "git archive" and "git log --format" commands . - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file .

oval:org.secpod.oval:def:1701155
Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this p ...

oval:org.secpod.oval:def:89048141
This update for git fixes the following issues: - CVE-2022-41903: Fixed a heap overflow in the "git archive" and "git log --format" commands . - CVE-2022-23521: Fixed an integer overflow that could be triggered when parsing a gitattributes file .

oval:org.secpod.oval:def:3300324
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:5800015
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:507552
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:89418
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:124877
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:3300197
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:4501207
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:124882
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:1701078
Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone , Git copies the contents of the source's /o ...

oval:org.secpod.oval:def:3300217
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:3301188
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:66509
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:1502757
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:69922
Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths. CVE-2 ...

oval:org.secpod.oval:def:94889
git: fast, scalable, distributed revision control system Details: USN-5376-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Linux Mint 21.x LTS. Original advisory Git could be made to run arbitrary commands in platforms with multiple users support.

oval:org.secpod.oval:def:705310
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:89047416
This update for git fixes the following issues: - Updated to version 2.35.3: - CVE-2022-24765: Fixed a potential command injection via git worktree .

oval:org.secpod.oval:def:89003300
This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice . - CVE-2019-19604: Fixed a recursive clone followed by a su ...

oval:org.secpod.oval:def:1700289
Git mistakes some paths for relative paths allowing writing outside of the worktree while cloning NTFS protections inactive when running Git in the Windows Subsystem for Linux remote code execution in recursive clones with nested submodules Arbitrary path overwriting via export-marks command option ...

oval:org.secpod.oval:def:80421
git: fast, scalable, distributed revision control system Git could be made to run arbitrary commands in platforms with multiple users support.

oval:org.secpod.oval:def:3300526
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:122117
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:89050283
This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice . - CVE-2019-19604: Fixed a recursive clone followed by a su ...

oval:org.secpod.oval:def:122124
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:3301028
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:1506780
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:707628
git: fast, scalable, distributed revision control system Git could be made to run arbitrary commands as an administrator if it received specially crafted inputs.

oval:org.secpod.oval:def:3301239
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:89047421
This update for git fixes the following issues: - CVE-2022-29187: Incomplete fix for CVE-2022-24765: potential command injection via git worktree .

oval:org.secpod.oval:def:507739
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:1506656
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:610366
Multiple issues were found in Git, a distributed revision control system. An attacker may trigger remote code execution, cause local users into executing arbitrary commands, leak information from the local filesystem, and bypass restricted shell. This update includes two changes of behavior that may ...

oval:org.secpod.oval:def:3300891
SUSE Security Update: Security update for git

oval:org.secpod.oval:def:507673
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:19500158
Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this p ...

oval:org.secpod.oval:def:89333
Multiple issues were found in Git, a distributed revision control system. An attacker may trigger remote code execution, cause local users into executing arbitrary commands, leak information from the local filesystem, and bypass restricted shell. This update includes two changes of behavior that may ...

oval:org.secpod.oval:def:97714
[CLSA-2023:1677231280] git: Fix of 4 CVEs

oval:org.secpod.oval:def:125388
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:507772
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:507774
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:507773
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:1506577
[1.8.3.1-25] - Fixes CVE-2023-25652 and CVE-2023-29007 - Resolves: #2188354, #2188365

oval:org.secpod.oval:def:1506574
[2.39.3-1] - Update to 2.39.3 - Resolves: #2188352, #2188361, #2189976, #2189977

oval:org.secpod.oval:def:91476
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:708119
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:89048817
This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree . * CVE-2023-25815: Fixed malicious placemtn of crafted message . * CVE-2023-29007: Fixed arbitrary configuration injection .

oval:org.secpod.oval:def:125696
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:125414
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:1506580
[2.39.3-1] - Update to 2.39.3 - Resolves: #2188364, #2188373, #2190157, #2190158

oval:org.secpod.oval:def:89048777
This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree . * CVE-2023-25815: Fixed malicious placemtn of crafted message . * CVE-2023-29007: Fixed arbitrary configuration injection .

oval:org.secpod.oval:def:19500037
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents . A fix is ...

oval:org.secpod.oval:def:4501427
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:89048765
This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree . * CVE-2023-25815: Fixed malicious placemtn of crafted message . * CVE-2023-29007: Fixed arbitrary configuration injection .

oval:org.secpod.oval:def:97728
[CLSA-2023:1683814164] git: Fix of 2 CVEs

oval:org.secpod.oval:def:89048784
This update for git fixes the following issues: * CVE-2023-25652: Fixed partial overwrite of paths outside the working tree . * CVE-2023-25815: Fixed malicious placemtn of crafted message . * CVE-2023-29007: Fixed arbitrary configuration injection .

oval:org.secpod.oval:def:115217
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:51141
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it recursively opened a malicious git repository.

oval:org.secpod.oval:def:48098
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:603539
joernchen of Phenoelit discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability via a specially crafted .gitmodules file in a project cloned with --recurse-submodules.

oval:org.secpod.oval:def:603412
Etienne Stalmans discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability exploitable via specially crafted submodule names in a .gitmodules file.

oval:org.secpod.oval:def:114590
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:704345
git: fast, scalable, distributed revision control system Git could be made to run programs as your login if it recursively opened a malicious git repository.

oval:org.secpod.oval:def:53338
Etienne Stalmans discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability exploitable via specially crafted submodule names in a .gitmodules file.

oval:org.secpod.oval:def:204959
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:204835
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:704107
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:51048
git: fast, scalable, distributed revision control system Several security issues were fixed in Git.

oval:org.secpod.oval:def:1800993
CVE-2018-11233:¶ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.

oval:org.secpod.oval:def:1800995
CVE-2018-11233:¶ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.

oval:org.secpod.oval:def:1800999
CVE-2018-11233:¶ In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.

oval:org.secpod.oval:def:1700086
Git before 2.14.5, allows remote code execution during processing of a recursive quot;git clonequot; of a superproject if a .gitmodules file has a URL field beginning with a #039;-#039; character.

oval:org.secpod.oval:def:89049697
This update for git fixes the following issues: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a "-" character. .

oval:org.secpod.oval:def:114589
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:89050466
This update for git fixes the following issues: Security issues fixed: * CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted git was updated to 2.26.1 - Fix git-d ...

oval:org.secpod.oval:def:1600894
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x befor ...

oval:org.secpod.oval:def:89049598
This update for git to version 2.16.4 fixes several issues. These security issues were fixed: - CVE-2018-11233: Path sanity-checks on NTFS allowed attackers to read arbitrary memory - CVE-2018-11235: Arbitrary code execution when recursively cloning a malicious repository

oval:org.secpod.oval:def:1700048
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory.In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x befor ...

oval:org.secpod.oval:def:1502252
The advisory is missing the security advisory description. For more information please visit the reference link

oval:org.secpod.oval:def:115254
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The git rpm installs common set of tools which are usually using with small amount of dependencies. To install all git packages, incl ...

oval:org.secpod.oval:def:503507
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

oval:org.secpod.oval:def:89003444
This update for git fixes the following issue: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive quot;git clonequot; of a superproject if a .gitmodules file has a URL field beginning with a "-" character. .

oval:org.secpod.oval:def:1600936
Git before 2.14.5, allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.

oval:org.secpod.oval:def:502322
Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work ...

CVE    2
CVE-2020-5260
CVE-2021-40330
*CPE
cpe:/a:git:git

© SecPod Technologies