[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

243238

 
 

909

 
 

192833

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2017-882 ---- git

ID: oval:org.secpod.oval:def:1600763Date: (C)2017-09-21   (M)2023-12-20
Class: PATCHFamily: unix




Command injection via malicious ssh URLs:A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Git. An attacker could use this flaw to execute shell commands with the privileges of the user running the Git client, for example, when performing a "clone" action on a malicious repository or a legitimate repository containing a malicious commit.

Platform:
Amazon Linux AMI
Product:
git
Reference:
ALAS-2017-882
CVE-2017-1000117
CVE    1
CVE-2017-1000117
CPE    2
cpe:/o:amazon:linux
cpe:/a:git:git

© SecPod Technologies