Vulnerabilites related to git - git
Vulnerability from fkie_nvd
Published
2008-08-07 21:41
Modified
2024-11-21 00:49
Severity ?
Summary
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:parduslinux:2007:*:*:*:*:*:*:*", matchCriteriaId: "D249E4F6-FD0D-4E0D-9B44-9C92F5554BDB", vulnerable: false, }, { criteria: "cpe:2.3:o:linux:parduslinux:2008:*:*:*:*:*:*:*", matchCriteriaId: "D709875E-1618-4078-96A7-2E6B5F5B2623", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9C0605BA-481D-4E71-8D57-A99F8CDB7492", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*", matchCriteriaId: "FF740C26-5EB6-4184-93C3-DAC38F01CE25", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "668F528C-50BC-4944-9DC3-95D0413D2359", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "AECFAEA8-3B87-4BFE-98A3-58F5129D9BCF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D6228681-1150-4B80-AFB0-451BAEB393A4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "E807BBE3-A2EC-4EA2-8222-7A02D03848D6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.", }, { lang: "es", value: "Desbordamiento de búfer basado en pila de las funciones (1) diff_addremove y (2) diff_change en GIT versiones anteriores a la 1.5.6.4, podría permitir a usuarios locales ejecutar código arbitrariamente a través de un PATH de longitud mayor a PATH_MAX del sistema cuando se ejecutan las utilidades GIT como git-diff o git-grep.", }, ], id: "CVE-2008-3546", lastModified: "2024-11-21T00:49:30.393", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-08-07T21:41:00.000", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31347", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/31780", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/32029", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/32384", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/33964", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200809-16.xml", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2008/dsa-1637", }, { source: "cve@mitre.org", url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/30549", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1020627", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/2306", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-2707", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/31347", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/31780", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32029", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32384", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/33964", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200809-16.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2008/dsa-1637", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/30549", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1020627", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/2306", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-2707", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2006-01-31 11:03
Modified
2024-11-21 00:06
Severity ?
Summary
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "86156029-EE44-45B6-AF73-641502AC8007", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.0b:*:*:*:*:*:*:*", matchCriteriaId: "C7C119CD-4432-4EF8-95BA-BED4C93E609F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "E9BD14EC-D963-4D3A-998F-4041E0F20547", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "7F24CC42-E1E2-4B03-B5D5-7A3050BAE01D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "A0BD6A9F-4AA2-4672-94FA-002B10478166", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "05F3F409-D4F5-4B89-9D9B-63E8041E3700", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "228B069E-80BB-4A95-8BBD-66D9C78F2B0D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "38EA9447-A92C-43C9-ADD0-F8DCAD57A6C5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9ECD92C3-4B06-447C-BB93-205E7F9A4F02", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "09E4D3DC-7541-4E37-911C-8EC4258D678C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "84137274-7537-4F23-A193-06B7D85820D2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "E6003B70-C2BD-4402-A3DA-9F52FC1EF292", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "D6501938-1E45-4C86-98E8-64D6449674B1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.", }, ], id: "CVE-2006-0477", lastModified: "2024-11-21T00:06:33.187", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-01-31T11:03:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://lwn.net/Articles/169623/", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/18643", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/16417", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/0367", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24360", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://lwn.net/Articles/169623/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/18643", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/16417", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/0367", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24360", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-01-13 17:00
Modified
2024-11-21 00:54
Severity ?
Summary
The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0.1 | |
| git | git | 1.5.0.2 | |
| git | git | 1.5.0.3 | |
| git | git | 1.5.0.4 | |
| git | git | 1.5.0.5 | |
| git | git | 1.5.0.6 | |
| git | git | 1.5.0.7 | |
| git | git | 1.5.1 | |
| git | git | 1.5.1.1 | |
| git | git | 1.5.1.2 | |
| git | git | 1.5.1.3 | |
| git | git | 1.5.1.4 | |
| git | git | 1.5.1.5 | |
| git | git | 1.5.1.6 | |
| git | git | 1.5.2 | |
| git | git | 1.5.2.1 | |
| git | git | 1.5.2.2 | |
| git | git | 1.5.2.3 | |
| git | git | 1.5.2.4 | |
| git | git | 1.5.2.5 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3.1 | |
| git | git | 1.5.3.2 | |
| git | git | 1.5.3.3 | |
| git | git | 1.5.3.4 | |
| git | git | 1.5.3.5 | |
| git | git | 1.5.3.6 | |
| git | git | 1.5.3.7 | |
| git | git | 1.5.3.8 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4.1 | |
| git | git | 1.5.4.2 | |
| git | git | 1.5.4.3 | |
| git | git | 1.5.4.4 | |
| git | git | 1.5.4.5 | |
| git | git | 1.5.4.6 | |
| git | git | 1.5.4.7 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9BC291EB-F083-4E66-B61B-50723E0E8A5D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "0756E43B-F13B-4EB4-89B3-9A7A6CA6DDA8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*", matchCriteriaId: "23E68B79-8E0C-4001-AECD-ED0AF81825B1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*", matchCriteriaId: "6FAC3AF5-D66D-4972-B2C7-9D1CD784884A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "1BE75459-E53B-4E3A-B94A-3A7DA916A4AF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0A51E31C-06CD-463F-BF7D-F14979AB492B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "D198227B-3B53-4C29-985E-2596C0909A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*", matchCriteriaId: "E6347CFA-DC5A-4C0F-A516-02E6BBEDA3AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*", matchCriteriaId: "B4474571-24EB-4D53-8A61-D77E560B0ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8B6544F7-D835-45C5-9645-AFEA9F264DE1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "43E47006-A44B-4BE1-AD6B-CF869C79A2CC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "569F2502-3023-44F6-8767-4DA465B3C754", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4CDF10E4-F882-4BD6-AA56-B56CEC28D1DC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "909E71D3-A5E4-47AF-B9F4-2A05A4129EFE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*", matchCriteriaId: "73FFB1CD-1C79-4DD8-BCAB-1FCA8D99C89B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*", matchCriteriaId: "4124F148-9281-4465-9E16-67DE47E1F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*", matchCriteriaId: "22F07209-3FC5-4AA4-B9BF-18F32D7F402F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.6:*:*:*:*:*:*:*", matchCriteriaId: "DDEF615E-48FB-4F1E-BC8E-B3A70457D474", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C43D08FF-7871-481D-A648-015F4DCF68E6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A4869796-F69A-49CC-9203-CE80F38E1A23", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "03769CFD-3A5F-4C5E-B548-6B8F7EFFDE14", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "4F2433A7-3333-407D-8147-9AC736049590", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "585B9665-B422-418D-9AEC-65E65D24621B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "7DA2677B-1237-4D22-A51E-3A67B6AA9F9C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "2D6642BE-13B4-40F8-BFD4-AD1E55B1A3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc4:*:*:*:*:*:*", matchCriteriaId: "18962E5D-185E-4AF8-B0B3-11026B61053D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*", matchCriteriaId: "2EBCE67F-34AC-4635-A2DF-E0C304FAB8E5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*", matchCriteriaId: "197F9E88-DE20-44B5-B159-8E7BC3986E9E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "3BF65B33-FD2F-4F2B-9F67-360F8957FABC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*", matchCriteriaId: "3C668BD7-C4E3-4A12-9987-E565250E2E1F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.3:*:*:*:*:*:*:*", matchCriteriaId: "A3F93314-4F2D-4036-94F7-986B16BEC851", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*", matchCriteriaId: "92A161E8-6CB8-40FF-9D90-00664185F69F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.5:*:*:*:*:*:*:*", matchCriteriaId: "B9533C06-96BF-4D5D-A29C-F2AD2EE5108C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*", matchCriteriaId: "B20EFCED-EC50-4A9B-970B-E29CDBDAABDE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.7:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F7F8-EFC2-4FD0-A293-59F76EBFAE05", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*", matchCriteriaId: "361F32F0-8009-40D2-BC14-74AE90CDB36C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "6B6E65D8-0D8E-4D11-82D7-DD3FB3EB1095", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*", matchCriteriaId: "67535E99-5DD8-4F90-9DB1-5415201E94E2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*", matchCriteriaId: "F3163CEC-C0D5-401E-93C3-6A5316630FC2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*", matchCriteriaId: "8DA19E8C-34DE-4721-88E2-B97774E855E7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc2:*:*:*:*:*:*", matchCriteriaId: "ED57760D-0C08-43FE-A837-B00D271EDBA1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*", matchCriteriaId: "BA11029F-E4F7-4D4A-817C-A7CC5AD4E872", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*", matchCriteriaId: "8A42B9B9-7B29-429D-9ABC-736CCC038813", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc5:*:*:*:*:*:*", matchCriteriaId: "456AD412-970D-495E-8F7F-0CF670C364B9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "63530521-E600-4326-B057-162E6635554B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "0715BCFB-5EAA-4812-BB59-7210CB6670FF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.3:*:*:*:*:*:*:*", matchCriteriaId: "E9BBAA74-B0DE-4388-8C1B-8C3FF258EDD8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A8CEFC6C-0066-4331-A7A8-02047A19206A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.5:*:*:*:*:*:*:*", matchCriteriaId: "1337EA7C-3E52-47EC-8A32-C61A3B5046A7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.6:*:*:*:*:*:*:*", matchCriteriaId: "D9D484DA-BCEA-4873-9F8C-883D702644F7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.7:*:*:*:*:*:*:*", matchCriteriaId: "BF45A2CE-0E19-477F-9393-B8AAD158D285", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.", }, { lang: "es", value: "La interfaz web en git (gitweb) versiones 1.5.x anteriores a 1.5.6, permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres de shell relacionados a (1) git_snapshot y (2) git_object.", }, ], id: "CVE-2008-5517", lastModified: "2024-11-21T00:54:14.397", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-01-13T17:00:01.157", references: [ { source: "secalert@redhat.com", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { source: "secalert@redhat.com", url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=516381d5", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/33964", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34194", }, { source: "secalert@redhat.com", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2009/dsa-1708", }, { source: "secalert@redhat.com", url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/33215", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { source: "secalert@redhat.com", url: "https://issues.rpath.com/browse/RPL-2936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=516381d5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/33964", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2009/dsa-1708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/33215", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-2936", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-94", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-01-21 02:30
Modified
2024-11-21 00:55
Severity ?
Summary
gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git | 1.4.3.1 | |
| git | git | 1.4.3.2 | |
| git | git | 1.4.3.3 | |
| git | git | 1.4.3.4 | |
| git | git | 1.4.3.5 | |
| git | git | 1.4.4 | |
| git | git | 1.4.4.1 | |
| git | git | 1.4.4.2 | |
| git | git | 1.4.4.3 | |
| git | git | 1.4.4.4 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0.1 | |
| git | git | 1.5.0.2 | |
| git | git | 1.5.0.3 | |
| git | git | 1.5.0.4 | |
| git | git | 1.5.0.5 | |
| git | git | 1.5.0.6 | |
| git | git | 1.5.0.7 | |
| git | git | 1.5.1 | |
| git | git | 1.5.1.1 | |
| git | git | 1.5.1.2 | |
| git | git | 1.5.1.3 | |
| git | git | 1.5.1.4 | |
| git | git | 1.5.1.5 | |
| git | git | 1.5.1.6 | |
| git | git | 1.5.2 | |
| git | git | 1.5.2.1 | |
| git | git | 1.5.2.2 | |
| git | git | 1.5.2.3 | |
| git | git | 1.5.2.4 | |
| git | git | 1.5.2.5 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3.1 | |
| git | git | 1.5.3.2 | |
| git | git | 1.5.3.3 | |
| git | git | 1.5.3.4 | |
| git | git | 1.5.3.5 | |
| git | git | 1.5.3.6 | |
| git | git | 1.5.3.7 | |
| git | git | 1.5.3.8 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4.1 | |
| git | git | 1.5.4.2 | |
| git | git | 1.5.4.3 | |
| git | git | 1.5.4.4 | |
| git | git | 1.5.4.5 | |
| git | git | 1.5.4.6 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5.1 | |
| git | git | 1.5.5.2 | |
| git | git | 1.5.5.3 | |
| git | git | 1.5.5.3 | |
| git | git | 1.5.5.4 | |
| git | git | 1.5.5.5 | |
| git | git | 1.5.6 | |
| git | git | 1.5.6.1 | |
| git | git | 1.5.6.2 | |
| git | git | 1.5.6.3 | |
| git | git | 1.5.6.4 | |
| git | git | 1.5.6.5 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0.1 | |
| git | git | 1.6.0.2 | |
| git | git | 1.6.0.3 | |
| git | git | 1.6.0.4 | |
| git | git | 1.6.0.5 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:1.4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "02EC9660-8197-4992-B8BF-ACA81A1362D8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "52E67537-51C1-4D9A-AF11-1E6FE3290AAC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "3735BAE3-C767-44A3-BDD3-07DDEF9AE5C2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.4:*:*:*:*:*:*:*", matchCriteriaId: "25112BF9-B5C3-470D-8FD8-045707FA83FC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.5:*:*:*:*:*:*:*", matchCriteriaId: "46E0026C-93EF-4B4F-AEF2-E84F5EA1DCAB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "562BD162-990B-4BAF-9074-11FCA1DFC4A9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "51B7B233-CCD6-4A58-B76D-990D1DCF1BA9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "7AB103FA-9580-4A2C-AF16-12909B5E47A7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.3:*:*:*:*:*:*:*", matchCriteriaId: "8CF296EC-FECD-4F70-BBA8-D57C891E35A2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.4:*:*:*:*:*:*:*", matchCriteriaId: "24B2BC27-CA73-4C45-9726-5178DB43DB94", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9BC291EB-F083-4E66-B61B-50723E0E8A5D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "0756E43B-F13B-4EB4-89B3-9A7A6CA6DDA8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*", matchCriteriaId: "23E68B79-8E0C-4001-AECD-ED0AF81825B1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*", matchCriteriaId: "6FAC3AF5-D66D-4972-B2C7-9D1CD784884A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "1BE75459-E53B-4E3A-B94A-3A7DA916A4AF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0A51E31C-06CD-463F-BF7D-F14979AB492B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "D198227B-3B53-4C29-985E-2596C0909A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*", matchCriteriaId: "E6347CFA-DC5A-4C0F-A516-02E6BBEDA3AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*", matchCriteriaId: "B4474571-24EB-4D53-8A61-D77E560B0ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8B6544F7-D835-45C5-9645-AFEA9F264DE1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "43E47006-A44B-4BE1-AD6B-CF869C79A2CC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "569F2502-3023-44F6-8767-4DA465B3C754", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4CDF10E4-F882-4BD6-AA56-B56CEC28D1DC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "909E71D3-A5E4-47AF-B9F4-2A05A4129EFE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*", matchCriteriaId: "73FFB1CD-1C79-4DD8-BCAB-1FCA8D99C89B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*", matchCriteriaId: "4124F148-9281-4465-9E16-67DE47E1F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*", matchCriteriaId: "22F07209-3FC5-4AA4-B9BF-18F32D7F402F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.6:*:*:*:*:*:*:*", matchCriteriaId: "DDEF615E-48FB-4F1E-BC8E-B3A70457D474", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C43D08FF-7871-481D-A648-015F4DCF68E6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A4869796-F69A-49CC-9203-CE80F38E1A23", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "03769CFD-3A5F-4C5E-B548-6B8F7EFFDE14", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "4F2433A7-3333-407D-8147-9AC736049590", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "585B9665-B422-418D-9AEC-65E65D24621B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "7DA2677B-1237-4D22-A51E-3A67B6AA9F9C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "2D6642BE-13B4-40F8-BFD4-AD1E55B1A3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc4:*:*:*:*:*:*", matchCriteriaId: "18962E5D-185E-4AF8-B0B3-11026B61053D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*", matchCriteriaId: "2EBCE67F-34AC-4635-A2DF-E0C304FAB8E5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*", matchCriteriaId: "197F9E88-DE20-44B5-B159-8E7BC3986E9E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "3BF65B33-FD2F-4F2B-9F67-360F8957FABC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*", matchCriteriaId: "3C668BD7-C4E3-4A12-9987-E565250E2E1F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.3:*:*:*:*:*:*:*", matchCriteriaId: "A3F93314-4F2D-4036-94F7-986B16BEC851", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*", matchCriteriaId: "92A161E8-6CB8-40FF-9D90-00664185F69F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.5:*:*:*:*:*:*:*", matchCriteriaId: "B9533C06-96BF-4D5D-A29C-F2AD2EE5108C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*", matchCriteriaId: "B20EFCED-EC50-4A9B-970B-E29CDBDAABDE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.7:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F7F8-EFC2-4FD0-A293-59F76EBFAE05", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*", matchCriteriaId: "361F32F0-8009-40D2-BC14-74AE90CDB36C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "6B6E65D8-0D8E-4D11-82D7-DD3FB3EB1095", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*", matchCriteriaId: "67535E99-5DD8-4F90-9DB1-5415201E94E2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*", matchCriteriaId: "F3163CEC-C0D5-401E-93C3-6A5316630FC2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*", matchCriteriaId: "8DA19E8C-34DE-4721-88E2-B97774E855E7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc2:*:*:*:*:*:*", matchCriteriaId: "ED57760D-0C08-43FE-A837-B00D271EDBA1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*", matchCriteriaId: "BA11029F-E4F7-4D4A-817C-A7CC5AD4E872", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*", matchCriteriaId: "8A42B9B9-7B29-429D-9ABC-736CCC038813", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc5:*:*:*:*:*:*", matchCriteriaId: "456AD412-970D-495E-8F7F-0CF670C364B9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "63530521-E600-4326-B057-162E6635554B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "0715BCFB-5EAA-4812-BB59-7210CB6670FF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.3:*:*:*:*:*:*:*", matchCriteriaId: "E9BBAA74-B0DE-4388-8C1B-8C3FF258EDD8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A8CEFC6C-0066-4331-A7A8-02047A19206A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.5:*:*:*:*:*:*:*", matchCriteriaId: "1337EA7C-3E52-47EC-8A32-C61A3B5046A7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.6:*:*:*:*:*:*:*", matchCriteriaId: "D9D484DA-BCEA-4873-9F8C-883D702644F7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "3095075A-5A99-4718-9E5E-56D442A14EAB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc1:*:*:*:*:*:*", matchCriteriaId: "49D8DA6B-C306-455E-BAF1-0C5C2E1F33B8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc2:*:*:*:*:*:*", matchCriteriaId: "6881163A-4097-4BAE-A84A-82D819BBF304", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc3:*:*:*:*:*:*", matchCriteriaId: "BF31FA87-A8B8-46A1-8945-CB2613FE3B9A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "32E6B6B9-BD9A-4DF2-8DDC-B2A55431B3FA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "0FA7D904-012D-448D-B1F6-885A472B8BCC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9C0605BA-481D-4E71-8D57-A99F8CDB7492", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*", matchCriteriaId: "FF740C26-5EB6-4184-93C3-DAC38F01CE25", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "668F528C-50BC-4944-9DC3-95D0413D2359", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "E3D715F7-34D2-4D1D-B49B-74AF4D7D7C55", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "31BE5F63-902F-4326-B38B-96D692F86B7F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "AECFAEA8-3B87-4BFE-98A3-58F5129D9BCF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D6228681-1150-4B80-AFB0-451BAEB393A4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "E807BBE3-A2EC-4EA2-8222-7A02D03848D6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "C7122491-D55D-451B-A2BC-D87D283A504E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "D6C7B6C0-BE57-44E3-AFEE-C4EF2A721ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "8B8F4980-EC18-4DBA-8950-82F1B81FC008", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc1:*:*:*:*:*:*", matchCriteriaId: "12C5DE96-2748-4A9F-A321-D6AD3091C3C4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc2:*:*:*:*:*:*", matchCriteriaId: "B3E7D230-166E-434D-B425-01D6EC159A27", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc3:*:*:*:*:*:*", matchCriteriaId: "3BDC47F7-47D6-4780-B637-BF646D522ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A600049E-2E7D-4A05-926B-C6A4F26496AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "52406E96-C133-4EE9-BF80-D2327DFEFC10", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "B08816A4-C2D8-40BE-BD46-D9A3A6BBED0F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "BAEBEDEF-54BD-4974-AE96-ABCF85508379", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "11EE6977-784D-49C9-A1EF-740F5225CF80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query.", }, { lang: "es", value: "gitweb/gitweb.perl en gitweb en Git 1.6.x anteriores a v1.6.0.6, 1.5.6.x anteriores a v1.5.6.6, 1.5.5.x anteriores a v1.5.5.6, 1.5.4.x anteriores a v1.5.4.7, y otras versiones posteriores a v1.4.3 permite a los propietarios del repositorio ejecutar comandos de su elección por modificación de la configuración de la variable diff.external y ejecutando una consulta manipulada gitweb.", }, ], id: "CVE-2008-5916", lastModified: "2024-11-21T00:55:12.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 3.9, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-01-21T02:30:00.203", references: [ { source: "cve@mitre.org", url: "http://marc.info/?l=git&m=122975564100860&w=2", }, { source: "cve@mitre.org", url: "http://marc.info/?l=linux-kernel&m=122975564100863&w=2:", }, { source: "cve@mitre.org", url: "http://osvdb.org/50918", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/33282", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/33964", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/34194", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/4922", }, { source: "cve@mitre.org", url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2009/01/15/2", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2009/01/20/2", }, { source: "cve@mitre.org", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/47528", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01169.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01170.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=git&m=122975564100860&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=linux-kernel&m=122975564100863&w=2:", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/50918", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/33282", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/33964", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/34194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/4922", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/15/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/20/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/47528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01169.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01170.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-14 23:15
Modified
2024-11-21 05:33
Severity ?
9.3 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git | * | |
| git | git | * | |
| git-scm | git | * | |
| git-scm | git | * | |
| git-scm | git | * | |
| git-scm | git | * | |
| git-scm | git | * | |
| git-scm | git | * | |
| git-scm | git | * | |
| git-scm | git | * | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| canonical | ubuntu_linux | 19.10 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| debian | debian_linux | 10.0 | |
| fedoraproject | fedora | 30 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| opensuse | leap | 15.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", matchCriteriaId: "6FA998D4-C2C4-44EE-901D-CF5936D7D1F1", versionEndExcluding: "2.17.4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", matchCriteriaId: "B14A2B17-C2F7-4DB6-8CC1-B77C4FF9ACD0", versionEndExcluding: "2.22.3", versionStartIncluding: "2.22.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "E405970A-87F9-4EE3-A039-50B150ADAD85", versionEndExcluding: "2.18.3", versionStartIncluding: "2.18.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "40D4CABA-6F48-49AD-96A4-E036EAB3177A", versionEndExcluding: "2.19.4", versionStartIncluding: "2.19.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "0655FC8A-0AB5-4148-A97F-8673C2741D81", versionEndExcluding: "2.20.3", versionStartIncluding: "2.20.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "038B2F58-867C-4D3D-9DB8-AE2481285786", versionEndExcluding: "2.21.2", versionStartIncluding: "2.21.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "51FB16E7-BC48-4333-85FF-335318B987CB", versionEndExcluding: "2.23.2", versionStartIncluding: "2.23.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "8AF1F1BC-33E7-4E0E-8BBB-159D91724133", versionEndExcluding: "2.24.2", versionStartIncluding: "2.24.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "DA825115-AFF5-4F6A-AB80-ABF1540744B8", versionEndExcluding: "2.25.3", versionStartIncluding: "2.25.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "D3219B2B-172D-4DAF-B345-6EDC0330CC8F", versionEndExcluding: "2.26.1", versionStartIncluding: "2.26.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", matchCriteriaId: "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", vulnerable: true, }, { criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external \"credential helper\" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.", }, { lang: "es", value: "Las versiones afectadas de Git presentan una vulnerabilidad por la cual Git puede ser engañado para enviar credenciales privadas a un host controlado por un atacante. Git usa programas externos de \"credential helper\" para almacenar y recuperar contraseñas u otras credenciales del almacenamiento seguro provistas por el sistema operativo. Las URL especialmente diseñadas que contienen una nueva línea codificada pueden inyectar valores no deseados en la secuencia del protocolo credential helper, causando que el asistente de credenciales recupere la contraseña de un servidor (por ejemplo, good.example.com) para una petición HTTP que se lleva a cabo en otro servidor ( por ejemplo, evil.example.com), resultando en que las credenciales para el primero se envíen al segundo. No existen restricciones en la relación entre los dos, lo que significa que un atacante puede crear una URL que presente credenciales almacenadas para cualquier host a un host de su elección. La vulnerabilidad puede ser activada alimentando una URL maliciosa a git clone. Sin embargo, las URL afectadas lucen bastante sospechosas; el vector probable sería por medio de sistemas que clonan automáticamente las URL no visibles para el usuario, como submódulos de Git o sistemas de paquetes creados alrededor de Git. El problema se ha corregido en las versiones publicadas el 14 de abril de 2020, que se remontan a las versiones v2.17.x. Cualquiera que desee respaldar el cambio aún más puede hacerlo aplicando el commit 9a6bbee (la versión completa incluye comprobaciones adicionales para git fsck, pero ese commit es suficiente para proteger a los clientes contra la vulnerabilidad). Las versiones parcheadas son: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.", }, ], id: "CVE-2020-5260", lastModified: "2024-11-21T05:33:47.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.8, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-14T23:15:12.607", references: [ { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html", }, { source: "security-advisories@github.com", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/5", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/6", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/04/20/1", }, { source: "security-advisories@github.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b", }, { source: "security-advisories@github.com", tags: [ "Mitigation", "Patch", "Third Party Advisory", ], url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { source: "security-advisories@github.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/", }, { source: "security-advisories@github.com", url: "https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202004-13", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT211141", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4329-1/", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4657", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2020/04/20/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", "Patch", "Third Party Advisory", ], url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202004-13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT211141", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://usn.ubuntu.com/4329-1/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2020/dsa-4657", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-522", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-19 17:15
Modified
2024-11-21 06:52
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git | * | |
| fedoraproject | extra_packages_for_enterprise_linux | 8.0 | |
| fedoraproject | fedora | 34 | |
| fedoraproject | fedora | 35 | |
| fedoraproject | fedora | 36 | |
| debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:*:*:*:*:*:ruby:*:*", matchCriteriaId: "70BB47C9-3731-4F8A-8415-A9FE2F8D8B96", versionEndExcluding: "1.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "BB176AC3-3CDA-4DDA-9089-C67B2F73AA62", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", matchCriteriaId: "A930E247-0B43-43CB-98FF-6CE7B8189835", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", matchCriteriaId: "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.", }, { lang: "es", value: "El paquete git versiones anteriores a 1.11.0, es vulnerable a una inyección de comandos por medio de una inyección de argumentos git. Cuando es llamada a la función fetch(remote = \"origin\", opts = {}), el parámetro remoto es pasado al subcomando git fetch de forma que pueden establecerse flags adicionales. Los flags adicionales pueden ser usados para llevar a cabo una inyección de comandos", }, ], id: "CVE-2022-25648", lastModified: "2024-11-21T06:52:30.400", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 5.9, source: "report@snyk.io", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-04-19T17:15:11.333", references: [ { source: "report@snyk.io", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/ruby-git/ruby-git/pull/569", }, { source: "report@snyk.io", tags: [ "Release Notes", ], url: "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0", }, { source: "report@snyk.io", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html", }, { source: "report@snyk.io", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTJUF6SFPL4ZVSJQHGQ36KFPFO5DQVYZ/", }, { source: "report@snyk.io", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q2V3HOFU4ZVTQZHAVAVL3EX2KU53SP7R/", }, { source: "report@snyk.io", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNJA7WPE67LJ3DJMWZ2TADHCZKWMY55/", }, { source: "report@snyk.io", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/ruby-git/ruby-git/pull/569", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTJUF6SFPL4ZVSJQHGQ36KFPFO5DQVYZ/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q2V3HOFU4ZVTQZHAVAVL3EX2KU53SP7R/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNJA7WPE67LJ3DJMWZ2TADHCZKWMY55/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270", }, ], sourceIdentifier: "report@snyk.io", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-88", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2024-05-14 19:15
Modified
2024-11-21 09:14
Severity ?
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
9.0 (Critical) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", matchCriteriaId: "67C50136-86FF-4BCF-B21F-5F09947CF6AC", versionEndExcluding: "2.39.4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", matchCriteriaId: "28F0EBE5-AAB1-4BC8-B3CA-5F0B3D71642B", versionEndExcluding: "2.40.2", versionStartIncluding: "2.40.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", matchCriteriaId: "790B191F-6DD7-4F0A-96BD-BAD5CF3F2081", versionEndExcluding: "2.42.2", versionStartIncluding: "2.42.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", matchCriteriaId: "14C6890A-11D9-46CD-AF1D-85FAF61A0AA8", versionEndExcluding: "2.43.4", versionStartIncluding: "2.43.0", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:2.41.0:*:*:*:*:*:*:*", matchCriteriaId: "09120A06-22E2-45A6-93B3-913DB7F52788", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:2.44.0:*:*:*:*:*:*:*", matchCriteriaId: "A641AB1F-0712-43F6-B7D6-E19D1D88D3C3", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:2.45.0:*:*:*:*:*:*:*", matchCriteriaId: "1E742D5F-55D2-47D7-A3CC-C359A4555E7E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.", }, { lang: "es", value: "Git es un sistema de control de revisiones. Antes de las versiones 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2 y 2.39.4, los repositorios con submódulos se podían manipular de manera que explotaran un error en Git mediante el cual se deja engañar y escribe archivos, no en el árbol de trabajo del submódulo, sino en un directorio `.git/`. Esto permite escribir un enlace que se ejecutará mientras la operación de clonación aún se está ejecutando, sin darle al usuario la oportunidad de inspeccionar el código que se está ejecutando. El problema se solucionó en las versiones 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2 y 2.39.4. Si la compatibilidad con enlaces simbólicos está deshabilitada en Git (por ejemplo, mediante `git config --global core.symlinks false`), el ataque descrito no funcionará. Como siempre, es mejor evitar clonar repositorios de fuentes que no sean de confianza.", }, ], id: "CVE-2024-32002", lastModified: "2024-11-21T09:14:19.267", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 6, source: "security-advisories@github.com", type: "Secondary", }, { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2024-05-14T19:15:10.810", references: [ { source: "security-advisories@github.com", url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { source: "security-advisories@github.com", tags: [ "Not Applicable", ], url: "https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt", }, { source: "security-advisories@github.com", tags: [ "Not Applicable", ], url: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", }, { source: "security-advisories@github.com", tags: [ "Patch", ], url: "https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d", }, { source: "security-advisories@github.com", tags: [ "Third Party Advisory", ], url: "https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv", }, { source: "security-advisories@github.com", url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, { source: "security-advisories@github.com", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, ], sourceIdentifier: "security-advisories@github.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, { lang: "en", value: "CWE-434", }, ], source: "security-advisories@github.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-59", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-06-18 18:30
Modified
2024-11-21 01:04
Severity ?
Summary
git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git | 1.4.4.5 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0.1 | |
| git | git | 1.5.0.2 | |
| git | git | 1.5.0.3 | |
| git | git | 1.5.0.4 | |
| git | git | 1.5.0.5 | |
| git | git | 1.5.0.6 | |
| git | git | 1.5.0.7 | |
| git | git | 1.5.1 | |
| git | git | 1.5.1.1 | |
| git | git | 1.5.1.2 | |
| git | git | 1.5.1.3 | |
| git | git | 1.5.1.4 | |
| git | git | 1.5.1.5 | |
| git | git | 1.5.2 | |
| git | git | 1.5.2.2 | |
| git | git | 1.5.2.3 | |
| git | git | 1.5.2.4 | |
| git | git | 1.5.2.5 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3.2 | |
| git | git | 1.5.3.4 | |
| git | git | 1.5.3.6 | |
| git | git | 1.5.3.8 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4.1 | |
| git | git | 1.5.4.2 | |
| git | git | 1.5.4.4 | |
| git | git | 1.5.4.7 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5.1 | |
| git | git | 1.5.5.3 | |
| git | git | 1.5.5.3 | |
| git | git | 1.5.5.4 | |
| git | git | 1.5.5.5 | |
| git | git | 1.5.5.6 | |
| git | git | 1.5.6 | |
| git | git | 1.5.6.1 | |
| git | git | 1.5.6.2 | |
| git | git | 1.5.6.3 | |
| git | git | 1.5.6.4 | |
| git | git | 1.5.6.5 | |
| git | git | 1.5.6.6 | |
| git | git | 1.5.6.6 | |
| git | git | 1.5.6.6 | |
| git | git | 1.5.6.6 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0.1 | |
| git | git | 1.6.0.2 | |
| git | git | 1.6.0.3 | |
| git | git | 1.6.0.4 | |
| git | git | 1.6.0.5 | |
| git | git | 1.6.0.6 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1.4 | |
| git | git | 1.6.2 | |
| git | git | 1.6.2 | |
| git | git | 1.6.2.1 | |
| git | git | 1.6.2.2 | |
| git | git | 1.6.2.3 | |
| git | git | 1.6.2.4 | |
| git | git | 1.6.2.5 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3.1 | |
| git | git | 1.6.3.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:1.4.4.5:*:*:*:*:*:*:*", matchCriteriaId: "EA8EC58A-89AD-4BA3-B057-3DA6B5E0FD11", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9BC291EB-F083-4E66-B61B-50723E0E8A5D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "0756E43B-F13B-4EB4-89B3-9A7A6CA6DDA8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*", matchCriteriaId: "23E68B79-8E0C-4001-AECD-ED0AF81825B1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*", matchCriteriaId: "6FAC3AF5-D66D-4972-B2C7-9D1CD784884A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "1BE75459-E53B-4E3A-B94A-3A7DA916A4AF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0A51E31C-06CD-463F-BF7D-F14979AB492B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "D198227B-3B53-4C29-985E-2596C0909A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*", matchCriteriaId: "E6347CFA-DC5A-4C0F-A516-02E6BBEDA3AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*", matchCriteriaId: "B4474571-24EB-4D53-8A61-D77E560B0ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8B6544F7-D835-45C5-9645-AFEA9F264DE1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "43E47006-A44B-4BE1-AD6B-CF869C79A2CC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "569F2502-3023-44F6-8767-4DA465B3C754", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4CDF10E4-F882-4BD6-AA56-B56CEC28D1DC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "909E71D3-A5E4-47AF-B9F4-2A05A4129EFE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*", matchCriteriaId: "73FFB1CD-1C79-4DD8-BCAB-1FCA8D99C89B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*", matchCriteriaId: "4124F148-9281-4465-9E16-67DE47E1F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*", matchCriteriaId: "22F07209-3FC5-4AA4-B9BF-18F32D7F402F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C43D08FF-7871-481D-A648-015F4DCF68E6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "03769CFD-3A5F-4C5E-B548-6B8F7EFFDE14", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "4F2433A7-3333-407D-8147-9AC736049590", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "585B9665-B422-418D-9AEC-65E65D24621B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "7DA2677B-1237-4D22-A51E-3A67B6AA9F9C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "2D6642BE-13B4-40F8-BFD4-AD1E55B1A3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*", matchCriteriaId: "2EBCE67F-34AC-4635-A2DF-E0C304FAB8E5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*", matchCriteriaId: "197F9E88-DE20-44B5-B159-8E7BC3986E9E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*", matchCriteriaId: "3C668BD7-C4E3-4A12-9987-E565250E2E1F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*", matchCriteriaId: "92A161E8-6CB8-40FF-9D90-00664185F69F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*", matchCriteriaId: "B20EFCED-EC50-4A9B-970B-E29CDBDAABDE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*", matchCriteriaId: "361F32F0-8009-40D2-BC14-74AE90CDB36C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*", matchCriteriaId: "67535E99-5DD8-4F90-9DB1-5415201E94E2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*", matchCriteriaId: "F3163CEC-C0D5-401E-93C3-6A5316630FC2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*", matchCriteriaId: "8DA19E8C-34DE-4721-88E2-B97774E855E7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*", matchCriteriaId: "BA11029F-E4F7-4D4A-817C-A7CC5AD4E872", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*", matchCriteriaId: "8A42B9B9-7B29-429D-9ABC-736CCC038813", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "63530521-E600-4326-B057-162E6635554B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "0715BCFB-5EAA-4812-BB59-7210CB6670FF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A8CEFC6C-0066-4331-A7A8-02047A19206A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.7:*:*:*:*:*:*:*", matchCriteriaId: "BF45A2CE-0E19-477F-9393-B8AAD158D285", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "3095075A-5A99-4718-9E5E-56D442A14EAB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc1:*:*:*:*:*:*", matchCriteriaId: "49D8DA6B-C306-455E-BAF1-0C5C2E1F33B8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc2:*:*:*:*:*:*", matchCriteriaId: "6881163A-4097-4BAE-A84A-82D819BBF304", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc3:*:*:*:*:*:*", matchCriteriaId: "BF31FA87-A8B8-46A1-8945-CB2613FE3B9A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "32E6B6B9-BD9A-4DF2-8DDC-B2A55431B3FA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9C0605BA-481D-4E71-8D57-A99F8CDB7492", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*", matchCriteriaId: "FF740C26-5EB6-4184-93C3-DAC38F01CE25", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "668F528C-50BC-4944-9DC3-95D0413D2359", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "E3D715F7-34D2-4D1D-B49B-74AF4D7D7C55", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "6DF925DE-031A-451F-83A6-1B355D364358", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "31BE5F63-902F-4326-B38B-96D692F86B7F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "AECFAEA8-3B87-4BFE-98A3-58F5129D9BCF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D6228681-1150-4B80-AFB0-451BAEB393A4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "E807BBE3-A2EC-4EA2-8222-7A02D03848D6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "C7122491-D55D-451B-A2BC-D87D283A504E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "D6C7B6C0-BE57-44E3-AFEE-C4EF2A721ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "05F3F78A-C8A5-4F5C-89FA-418A88A8DBAE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:rc0:*:*:*:*:*:*", matchCriteriaId: "F6DA2D48-4F72-4811-870A-4E2B99B4361E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:rc2:*:*:*:*:*:*", matchCriteriaId: "278CD0BC-81AC-4EEE-8437-2981F94B40B5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:rc3:*:*:*:*:*:*", matchCriteriaId: "B9DAAE30-324D-4D36-AAA9-0DEA6F2A986E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "8B8F4980-EC18-4DBA-8950-82F1B81FC008", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc1:*:*:*:*:*:*", matchCriteriaId: "12C5DE96-2748-4A9F-A321-D6AD3091C3C4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc2:*:*:*:*:*:*", matchCriteriaId: "B3E7D230-166E-434D-B425-01D6EC159A27", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc3:*:*:*:*:*:*", matchCriteriaId: "3BDC47F7-47D6-4780-B637-BF646D522ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A600049E-2E7D-4A05-926B-C6A4F26496AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "52406E96-C133-4EE9-BF80-D2327DFEFC10", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "B08816A4-C2D8-40BE-BD46-D9A3A6BBED0F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "BAEBEDEF-54BD-4974-AE96-ABCF85508379", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "11EE6977-784D-49C9-A1EF-740F5225CF80", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1237CF62-B0FC-463E-BD89-7CE4EA6BE04E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "4B271C19-57A4-4C55-93F6-D2E8DBB77227", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc1:*:*:*:*:*:*", matchCriteriaId: "3969527E-386C-4847-BE40-9248334F0CEC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc2:*:*:*:*:*:*", matchCriteriaId: "270B17C7-68D3-4EBE-B7FA-228EBF68AAA1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc3:*:*:*:*:*:*", matchCriteriaId: "A1220F4F-68A2-45DC-A713-5E5623F09BF7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc4:*:*:*:*:*:*", matchCriteriaId: "DFECB8C5-534D-4795-A6E0-6918CFAC8F22", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1.4:*:*:*:*:*:*:*", matchCriteriaId: "9B2A1CA7-7E39-4B44-9BE7-7CA2189FDE78", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "B6CAC62E-587A-420E-BA87-1DD7521DE041", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2:rc1:*:*:*:*:*:*", matchCriteriaId: "DB9EF84C-AFDD-47F7-A4CF-9248F576AE13", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.1:*:*:*:*:*:*:*", matchCriteriaId: "C103628E-6386-4FD1-9C9F-006C2A66D8C9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.2:*:*:*:*:*:*:*", matchCriteriaId: "62E9E5D3-7409-47E3-8D80-6EEA07E75307", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "8438B6E4-82D7-4802-967A-0B57A0FB3C94", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.4:*:*:*:*:*:*:*", matchCriteriaId: "BEA315FC-51F6-4F3B-B5BE-65EC19C04C03", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.5:*:*:*:*:*:*:*", matchCriteriaId: "AE4C1753-6B09-48DB-86EF-FED3227775E7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "8B7B30E6-0CCC-4CD1-942C-E5D41F457A28", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc1:*:*:*:*:*:*", matchCriteriaId: "2077E2D4-C924-4B9F-81C3-3415DC3A64B8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc2:*:*:*:*:*:*", matchCriteriaId: "6F118777-F3D1-4F3B-8708-E9A1DA26B09F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc3:*:*:*:*:*:*", matchCriteriaId: "875D5BB6-4AEB-47C7-9E82-532BB917ADFF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc4:*:*:*:*:*:*", matchCriteriaId: "1194FF74-89D6-4D5A-A5A9-E13127978FE7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3.1:*:*:*:*:*:*:*", matchCriteriaId: "24B2004A-F5EB-4510-A60A-AD1C407CCB42", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3.2:*:*:*:*:*:*:*", matchCriteriaId: "2DD783B5-72E2-4FE3-B5A3-0325E60BE2B3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.", }, { lang: "es", value: "git-daemon en git v1.4.4.5 hasta v1.6.3 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y agotamiento de CPU) a través de una una petición que contenga argumentos no reconocidos extra.", }, ], id: "CVE-2009-2108", lastModified: "2024-11-21T01:04:08.807", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-06-18T18:30:00.437", references: [ { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://article.gmane.org/gmane.comp.version-control.git/120733", }, { source: "cve@mitre.org", url: "http://osvdb.org/55034", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/35437", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/35730", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200907-05.xml", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://thread.gmane.org/gmane.comp.version-control.git/120724", }, { source: "cve@mitre.org", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:155", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2009/06/12/1", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/35338", }, { source: "cve@mitre.org", url: "http://www.securitytracker.com/id?1022398", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/1579", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/51083", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01045.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01056.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01126.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://www.redhat.com/archives/fedora-security-list/2009-June/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://article.gmane.org/gmane.comp.version-control.git/120733", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/55034", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/35437", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/35730", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200907-05.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://thread.gmane.org/gmane.comp.version-control.git/120724", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:155", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.openwall.com/lists/oss-security/2009/06/12/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/35338", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1022398", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/1579", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/51083", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01045.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01056.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01126.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://www.redhat.com/archives/fedora-security-list/2009-June/msg00000.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2010-12-17 19:00
Modified
2024-11-21 01:19
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git | 0.99.9j | |
| git | git | 0.99.9k | |
| git | git | 0.99.9l | |
| git | git | 0.99.9m | |
| git | git | 0.99.9n | |
| git | git | 1.0.0 | |
| git | git | 1.0.0b | |
| git | git | 1.0.3 | |
| git | git | 1.0.4 | |
| git | git | 1.0.5 | |
| git | git | 1.0.6 | |
| git | git | 1.0.7 | |
| git | git | 1.0.8 | |
| git | git | 1.1.0 | |
| git | git | 1.1.1 | |
| git | git | 1.1.2 | |
| git | git | 1.1.3 | |
| git | git | 1.1.4 | |
| git | git | 1.1.5 | |
| git | git | 1.1.6 | |
| git | git | 1.2.0 | |
| git | git | 1.2.1 | |
| git | git | 1.2.2 | |
| git | git | 1.2.3 | |
| git | git | 1.2.4 | |
| git | git | 1.2.5 | |
| git | git | 1.2.6 | |
| git | git | 1.3.0 | |
| git | git | 1.3.1 | |
| git | git | 1.3.2 | |
| git | git | 1.3.3 | |
| git | git | 1.4.0 | |
| git | git | 1.4.1 | |
| git | git | 1.4.1.1 | |
| git | git | 1.4.2 | |
| git | git | 1.4.2.1 | |
| git | git | 1.4.2.2 | |
| git | git | 1.4.2.3 | |
| git | git | 1.4.2.4 | |
| git | git | 1.4.3 | |
| git | git | 1.4.3.1 | |
| git | git | 1.4.3.2 | |
| git | git | 1.4.3.3 | |
| git | git | 1.4.3.4 | |
| git | git | 1.4.3.5 | |
| git | git | 1.4.4 | |
| git | git | 1.4.4.1 | |
| git | git | 1.4.4.2 | |
| git | git | 1.4.4.3 | |
| git | git | 1.4.4.4 | |
| git | git | 1.4.4.5 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0.1 | |
| git | git | 1.5.0.2 | |
| git | git | 1.5.0.3 | |
| git | git | 1.5.0.4 | |
| git | git | 1.5.0.5 | |
| git | git | 1.5.0.6 | |
| git | git | 1.5.0.7 | |
| git | git | 1.5.1 | |
| git | git | 1.5.1.1 | |
| git | git | 1.5.1.2 | |
| git | git | 1.5.1.3 | |
| git | git | 1.5.1.4 | |
| git | git | 1.5.1.5 | |
| git | git | 1.5.1.6 | |
| git | git | 1.5.2 | |
| git | git | 1.5.2.1 | |
| git | git | 1.5.2.2 | |
| git | git | 1.5.2.3 | |
| git | git | 1.5.2.4 | |
| git | git | 1.5.2.5 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3.1 | |
| git | git | 1.5.3.2 | |
| git | git | 1.5.3.3 | |
| git | git | 1.5.3.4 | |
| git | git | 1.5.3.5 | |
| git | git | 1.5.3.6 | |
| git | git | 1.5.3.7 | |
| git | git | 1.5.3.8 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4.1 | |
| git | git | 1.5.4.2 | |
| git | git | 1.5.4.3 | |
| git | git | 1.5.4.4 | |
| git | git | 1.5.4.5 | |
| git | git | 1.5.4.6 | |
| git | git | 1.5.4.7 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5.1 | |
| git | git | 1.5.5.2 | |
| git | git | 1.5.5.3 | |
| git | git | 1.5.5.3 | |
| git | git | 1.5.5.4 | |
| git | git | 1.5.5.5 | |
| git | git | 1.5.5.6 | |
| git | git | 1.5.6 | |
| git | git | 1.5.6.1 | |
| git | git | 1.5.6.2 | |
| git | git | 1.5.6.3 | |
| git | git | 1.5.6.4 | |
| git | git | 1.5.6.5 | |
| git | git | 1.5.6.6 | |
| git | git | 1.5.6.6 | |
| git | git | 1.5.6.6 | |
| git | git | 1.5.6.6 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0 | |
| git | git | 1.6.0.1 | |
| git | git | 1.6.0.2 | |
| git | git | 1.6.0.3 | |
| git | git | 1.6.0.4 | |
| git | git | 1.6.0.5 | |
| git | git | 1.6.0.6 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1 | |
| git | git | 1.6.1.4 | |
| git | git | 1.6.2 | |
| git | git | 1.6.2 | |
| git | git | 1.6.2.1 | |
| git | git | 1.6.2.2 | |
| git | git | 1.6.2.3 | |
| git | git | 1.6.2.4 | |
| git | git | 1.6.2.5 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3 | |
| git | git | 1.6.3.1 | |
| git | git | 1.6.3.2 | |
| git | git | 1.7.2 | |
| git | git | 1.7.2.1 | |
| git | git | 1.7.2.2 | |
| git | git | 1.7.2.3 | |
| git | git | 1.7.2.4 | |
| git | git | 1.7.2.5 | |
| git | git | 1.7.3 | |
| git | git | 1.7.3.1 | |
| git | git | 1.7.3.2 | |
| git-scm | git | * | |
| git-scm | git | 0.01 | |
| git-scm | git | 0.02 | |
| git-scm | git | 0.03 | |
| git-scm | git | 0.04 | |
| git-scm | git | 0.5 | |
| git-scm | git | 0.6.0 | |
| git-scm | git | 0.7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:0.99.9j:*:*:*:*:*:*:*", matchCriteriaId: "93DA4D8D-3386-4A22-8951-96DDF8B2AB4F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9k:*:*:*:*:*:*:*", matchCriteriaId: "88AE94F1-4C8D-4CB2-80CA-70BDDAA15E5E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9l:*:*:*:*:*:*:*", matchCriteriaId: "D886507B-0192-4D0F-80EE-0E1FD4F2CB9E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9m:*:*:*:*:*:*:*", matchCriteriaId: "E3E13512-B8F7-4AA4-9551-71FBA7B746D5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9n:*:*:*:*:*:*:*", matchCriteriaId: "E9154DE6-070E-4E6A-A2E4-B25B243FCE9C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "86156029-EE44-45B6-AF73-641502AC8007", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.0b:*:*:*:*:*:*:*", matchCriteriaId: "C7C119CD-4432-4EF8-95BA-BED4C93E609F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "E9BD14EC-D963-4D3A-998F-4041E0F20547", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "7F24CC42-E1E2-4B03-B5D5-7A3050BAE01D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "A0BD6A9F-4AA2-4672-94FA-002B10478166", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "05F3F409-D4F5-4B89-9D9B-63E8041E3700", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "228B069E-80BB-4A95-8BBD-66D9C78F2B0D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "38EA9447-A92C-43C9-ADD0-F8DCAD57A6C5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "9ECD92C3-4B06-447C-BB93-205E7F9A4F02", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "09E4D3DC-7541-4E37-911C-8EC4258D678C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "84137274-7537-4F23-A193-06B7D85820D2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "E6003B70-C2BD-4402-A3DA-9F52FC1EF292", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "D6501938-1E45-4C86-98E8-64D6449674B1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "F3E5C886-FE1B-4702-96C3-625FAC27C0B4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "E9761C27-43EF-4ABF-9B99-FF132147651E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "98711B3F-75E7-4116-BC94-ACF9186C7B20", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "2F432595-E793-4321-8CDE-0308982403DD", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "506F265F-4EC0-4DA8-8245-F214BE688BF7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "36077120-17DD-4C0C-8AB9-398361CA98FC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "26FB1987-92E9-4379-AF7A-A29AA1BE348C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "330A8383-6B47-421C-9655-7F7416164CA9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "3EE094E0-CE52-46BC-A012-945530B87572", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "8DBC29B5-50FE-4BDA-9CEF-14CFF31581AF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "058F8DA2-1490-4847-BB87-EF76E0F8A9A5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "EAA3E46B-D1CD-4F8B-BF76-9161E70832B2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "DE5EA7B0-6D78-46B7-BEE1-1A0576D56CC3", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "0243E80A-5F9A-4742-A83A-076CD822E254", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "2D8BB818-7D5A-4F56-A8A7-11AB861409F4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "0613B062-A0D6-4403-ADA0-F848F21A3BB1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "F13D209A-44DD-406B-86CB-3BE1B2C95789", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A6D3BC2F-9E38-4F5F-A559-328323F133FF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.2:*:*:*:*:*:*:*", matchCriteriaId: "6B8F3E29-9B94-4F46-8A59-FC02EBD9CD6E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.3:*:*:*:*:*:*:*", matchCriteriaId: "44017E26-4AA6-4E76-B047-24D738D505A2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.4:*:*:*:*:*:*:*", matchCriteriaId: "5D883B55-8F7A-48AD-8536-3B7901AE95E9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "B2F644BD-2A37-40C8-8C02-67B671474BD3", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "02EC9660-8197-4992-B8BF-ACA81A1362D8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "52E67537-51C1-4D9A-AF11-1E6FE3290AAC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "3735BAE3-C767-44A3-BDD3-07DDEF9AE5C2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.4:*:*:*:*:*:*:*", matchCriteriaId: "25112BF9-B5C3-470D-8FD8-045707FA83FC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.5:*:*:*:*:*:*:*", matchCriteriaId: "46E0026C-93EF-4B4F-AEF2-E84F5EA1DCAB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "562BD162-990B-4BAF-9074-11FCA1DFC4A9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "51B7B233-CCD6-4A58-B76D-990D1DCF1BA9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "7AB103FA-9580-4A2C-AF16-12909B5E47A7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.3:*:*:*:*:*:*:*", matchCriteriaId: "8CF296EC-FECD-4F70-BBA8-D57C891E35A2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.4:*:*:*:*:*:*:*", matchCriteriaId: "24B2BC27-CA73-4C45-9726-5178DB43DB94", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.5:*:*:*:*:*:*:*", matchCriteriaId: "EA8EC58A-89AD-4BA3-B057-3DA6B5E0FD11", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9BC291EB-F083-4E66-B61B-50723E0E8A5D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "0756E43B-F13B-4EB4-89B3-9A7A6CA6DDA8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*", matchCriteriaId: "23E68B79-8E0C-4001-AECD-ED0AF81825B1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*", matchCriteriaId: "6FAC3AF5-D66D-4972-B2C7-9D1CD784884A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "1BE75459-E53B-4E3A-B94A-3A7DA916A4AF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0A51E31C-06CD-463F-BF7D-F14979AB492B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "D198227B-3B53-4C29-985E-2596C0909A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*", matchCriteriaId: "E6347CFA-DC5A-4C0F-A516-02E6BBEDA3AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*", matchCriteriaId: "B4474571-24EB-4D53-8A61-D77E560B0ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8B6544F7-D835-45C5-9645-AFEA9F264DE1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "43E47006-A44B-4BE1-AD6B-CF869C79A2CC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "569F2502-3023-44F6-8767-4DA465B3C754", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4CDF10E4-F882-4BD6-AA56-B56CEC28D1DC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "909E71D3-A5E4-47AF-B9F4-2A05A4129EFE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*", matchCriteriaId: "73FFB1CD-1C79-4DD8-BCAB-1FCA8D99C89B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*", matchCriteriaId: "4124F148-9281-4465-9E16-67DE47E1F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*", matchCriteriaId: "22F07209-3FC5-4AA4-B9BF-18F32D7F402F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.6:*:*:*:*:*:*:*", matchCriteriaId: "DDEF615E-48FB-4F1E-BC8E-B3A70457D474", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C43D08FF-7871-481D-A648-015F4DCF68E6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A4869796-F69A-49CC-9203-CE80F38E1A23", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "03769CFD-3A5F-4C5E-B548-6B8F7EFFDE14", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "4F2433A7-3333-407D-8147-9AC736049590", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "585B9665-B422-418D-9AEC-65E65D24621B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "7DA2677B-1237-4D22-A51E-3A67B6AA9F9C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "2D6642BE-13B4-40F8-BFD4-AD1E55B1A3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc4:*:*:*:*:*:*", matchCriteriaId: "18962E5D-185E-4AF8-B0B3-11026B61053D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*", matchCriteriaId: "2EBCE67F-34AC-4635-A2DF-E0C304FAB8E5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*", matchCriteriaId: "197F9E88-DE20-44B5-B159-8E7BC3986E9E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "3BF65B33-FD2F-4F2B-9F67-360F8957FABC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*", matchCriteriaId: "3C668BD7-C4E3-4A12-9987-E565250E2E1F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.3:*:*:*:*:*:*:*", matchCriteriaId: "A3F93314-4F2D-4036-94F7-986B16BEC851", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*", matchCriteriaId: "92A161E8-6CB8-40FF-9D90-00664185F69F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.5:*:*:*:*:*:*:*", matchCriteriaId: "B9533C06-96BF-4D5D-A29C-F2AD2EE5108C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*", matchCriteriaId: "B20EFCED-EC50-4A9B-970B-E29CDBDAABDE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.7:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F7F8-EFC2-4FD0-A293-59F76EBFAE05", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*", matchCriteriaId: "361F32F0-8009-40D2-BC14-74AE90CDB36C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "6B6E65D8-0D8E-4D11-82D7-DD3FB3EB1095", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*", matchCriteriaId: "67535E99-5DD8-4F90-9DB1-5415201E94E2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*", matchCriteriaId: "F3163CEC-C0D5-401E-93C3-6A5316630FC2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*", matchCriteriaId: "8DA19E8C-34DE-4721-88E2-B97774E855E7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc2:*:*:*:*:*:*", matchCriteriaId: "ED57760D-0C08-43FE-A837-B00D271EDBA1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*", matchCriteriaId: "BA11029F-E4F7-4D4A-817C-A7CC5AD4E872", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*", matchCriteriaId: "8A42B9B9-7B29-429D-9ABC-736CCC038813", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc5:*:*:*:*:*:*", matchCriteriaId: "456AD412-970D-495E-8F7F-0CF670C364B9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "63530521-E600-4326-B057-162E6635554B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "0715BCFB-5EAA-4812-BB59-7210CB6670FF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.3:*:*:*:*:*:*:*", matchCriteriaId: "E9BBAA74-B0DE-4388-8C1B-8C3FF258EDD8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A8CEFC6C-0066-4331-A7A8-02047A19206A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.5:*:*:*:*:*:*:*", matchCriteriaId: "1337EA7C-3E52-47EC-8A32-C61A3B5046A7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.6:*:*:*:*:*:*:*", matchCriteriaId: "D9D484DA-BCEA-4873-9F8C-883D702644F7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.7:*:*:*:*:*:*:*", matchCriteriaId: "BF45A2CE-0E19-477F-9393-B8AAD158D285", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "3095075A-5A99-4718-9E5E-56D442A14EAB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc1:*:*:*:*:*:*", matchCriteriaId: "49D8DA6B-C306-455E-BAF1-0C5C2E1F33B8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc2:*:*:*:*:*:*", matchCriteriaId: "6881163A-4097-4BAE-A84A-82D819BBF304", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc3:*:*:*:*:*:*", matchCriteriaId: "BF31FA87-A8B8-46A1-8945-CB2613FE3B9A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "32E6B6B9-BD9A-4DF2-8DDC-B2A55431B3FA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "0FA7D904-012D-448D-B1F6-885A472B8BCC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9C0605BA-481D-4E71-8D57-A99F8CDB7492", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*", matchCriteriaId: "FF740C26-5EB6-4184-93C3-DAC38F01CE25", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "668F528C-50BC-4944-9DC3-95D0413D2359", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "E3D715F7-34D2-4D1D-B49B-74AF4D7D7C55", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "6DF925DE-031A-451F-83A6-1B355D364358", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6:*:*:*:*:*:*:*", matchCriteriaId: "31BE5F63-902F-4326-B38B-96D692F86B7F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "AECFAEA8-3B87-4BFE-98A3-58F5129D9BCF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D6228681-1150-4B80-AFB0-451BAEB393A4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "E807BBE3-A2EC-4EA2-8222-7A02D03848D6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "C7122491-D55D-451B-A2BC-D87D283A504E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.5:*:*:*:*:*:*:*", matchCriteriaId: "D6C7B6C0-BE57-44E3-AFEE-C4EF2A721ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:*:*:*:*:*:*:*", matchCriteriaId: "05F3F78A-C8A5-4F5C-89FA-418A88A8DBAE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:rc0:*:*:*:*:*:*", matchCriteriaId: "F6DA2D48-4F72-4811-870A-4E2B99B4361E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:rc2:*:*:*:*:*:*", matchCriteriaId: "278CD0BC-81AC-4EEE-8437-2981F94B40B5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.6:rc3:*:*:*:*:*:*", matchCriteriaId: "B9DAAE30-324D-4D36-AAA9-0DEA6F2A986E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:*:*:*:*:*:*:*", matchCriteriaId: "8B8F4980-EC18-4DBA-8950-82F1B81FC008", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc1:*:*:*:*:*:*", matchCriteriaId: "12C5DE96-2748-4A9F-A321-D6AD3091C3C4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc2:*:*:*:*:*:*", matchCriteriaId: "B3E7D230-166E-434D-B425-01D6EC159A27", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0:rc3:*:*:*:*:*:*", matchCriteriaId: "3BDC47F7-47D6-4780-B637-BF646D522ABB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.1:*:*:*:*:*:*:*", matchCriteriaId: "A600049E-2E7D-4A05-926B-C6A4F26496AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.2:*:*:*:*:*:*:*", matchCriteriaId: "52406E96-C133-4EE9-BF80-D2327DFEFC10", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.3:*:*:*:*:*:*:*", matchCriteriaId: "B08816A4-C2D8-40BE-BD46-D9A3A6BBED0F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.4:*:*:*:*:*:*:*", matchCriteriaId: "BAEBEDEF-54BD-4974-AE96-ABCF85508379", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.5:*:*:*:*:*:*:*", matchCriteriaId: "11EE6977-784D-49C9-A1EF-740F5225CF80", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.0.6:*:*:*:*:*:*:*", matchCriteriaId: "1237CF62-B0FC-463E-BD89-7CE4EA6BE04E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:*:*:*:*:*:*:*", matchCriteriaId: "4B271C19-57A4-4C55-93F6-D2E8DBB77227", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc1:*:*:*:*:*:*", matchCriteriaId: "3969527E-386C-4847-BE40-9248334F0CEC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc2:*:*:*:*:*:*", matchCriteriaId: "270B17C7-68D3-4EBE-B7FA-228EBF68AAA1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc3:*:*:*:*:*:*", matchCriteriaId: "A1220F4F-68A2-45DC-A713-5E5623F09BF7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1:rc4:*:*:*:*:*:*", matchCriteriaId: "DFECB8C5-534D-4795-A6E0-6918CFAC8F22", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.1.4:*:*:*:*:*:*:*", matchCriteriaId: "9B2A1CA7-7E39-4B44-9BE7-7CA2189FDE78", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2:*:*:*:*:*:*:*", matchCriteriaId: "B6CAC62E-587A-420E-BA87-1DD7521DE041", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2:rc1:*:*:*:*:*:*", matchCriteriaId: "DB9EF84C-AFDD-47F7-A4CF-9248F576AE13", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.1:*:*:*:*:*:*:*", matchCriteriaId: "C103628E-6386-4FD1-9C9F-006C2A66D8C9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.2:*:*:*:*:*:*:*", matchCriteriaId: "62E9E5D3-7409-47E3-8D80-6EEA07E75307", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.3:*:*:*:*:*:*:*", matchCriteriaId: "8438B6E4-82D7-4802-967A-0B57A0FB3C94", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.4:*:*:*:*:*:*:*", matchCriteriaId: "BEA315FC-51F6-4F3B-B5BE-65EC19C04C03", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.2.5:*:*:*:*:*:*:*", matchCriteriaId: "AE4C1753-6B09-48DB-86EF-FED3227775E7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:*:*:*:*:*:*:*", matchCriteriaId: "8B7B30E6-0CCC-4CD1-942C-E5D41F457A28", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc1:*:*:*:*:*:*", matchCriteriaId: "2077E2D4-C924-4B9F-81C3-3415DC3A64B8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc2:*:*:*:*:*:*", matchCriteriaId: "6F118777-F3D1-4F3B-8708-E9A1DA26B09F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc3:*:*:*:*:*:*", matchCriteriaId: "875D5BB6-4AEB-47C7-9E82-532BB917ADFF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3:rc4:*:*:*:*:*:*", matchCriteriaId: "1194FF74-89D6-4D5A-A5A9-E13127978FE7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3.1:*:*:*:*:*:*:*", matchCriteriaId: "24B2004A-F5EB-4510-A60A-AD1C407CCB42", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.6.3.2:*:*:*:*:*:*:*", matchCriteriaId: "2DD783B5-72E2-4FE3-B5A3-0325E60BE2B3", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.2:*:*:*:*:*:*:*", matchCriteriaId: "DFB51853-9E04-42AA-AB94-16E2E6D3D1F6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.2.1:*:*:*:*:*:*:*", matchCriteriaId: "0220FC4E-BA91-49AB-ACB3-D0A8B87080D4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.2.2:*:*:*:*:*:*:*", matchCriteriaId: "46DB0325-9034-4396-B081-2E1F7E3C9A5E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.2.3:*:*:*:*:*:*:*", matchCriteriaId: "5FC201CA-D4DD-4C4F-BEA8-D109161D1DDA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.2.4:*:*:*:*:*:*:*", matchCriteriaId: "6A4AC6B5-B26F-4C1B-A438-677966151381", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.2.5:*:*:*:*:*:*:*", matchCriteriaId: "FA3C698E-FF63-4818-9405-7860A3ED7B03", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.3:*:*:*:*:*:*:*", matchCriteriaId: "8A1A3E28-1000-49DD-BE1F-78AFD10BC1B3", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.3.1:*:*:*:*:*:*:*", matchCriteriaId: "2D4F9DED-744C-4557-A78C-9F741115A330", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.7.3.2:*:*:*:*:*:*:*", matchCriteriaId: "1CDD64A3-C3FD-4D63-A565-E82B62390CED", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", matchCriteriaId: "18FDECCF-7932-484F-B3D0-AE5C7F2DF00B", versionEndIncluding: "1.7.3.3", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.01:*:*:*:*:*:*:*", matchCriteriaId: "26F49181-20C5-4B6A-B733-9995913287CE", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.02:*:*:*:*:*:*:*", matchCriteriaId: "90407B83-D91F-4774-8197-2E7A8DB9635B", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.03:*:*:*:*:*:*:*", matchCriteriaId: "72ED95C7-2223-4C55-90F7-14F2BF8E9A60", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.04:*:*:*:*:*:*:*", matchCriteriaId: "8651F8C8-98E9-4EBF-8D6B-D9F5FAE67381", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.5:*:*:*:*:*:*:*", matchCriteriaId: "94EBAFE1-A7BF-4EF6-8E5B-1547792161EB", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FFB286E1-525B-43B1-8940-0986854BE595", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "398057EC-27A8-4A84-A01D-E14EEB496A7F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.", }, { lang: "es", value: "Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Gitweb v1.7.3.3 y anteriores permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de los parámetros (1) f y (2) fp.", }, ], id: "CVE-2010-3906", lastModified: "2024-11-21T01:19:52.520", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2010-12-17T19:00:20.573", references: [ { source: "security@ubuntu.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html", }, { source: "security@ubuntu.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html", }, { source: "security@ubuntu.com", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { source: "security@ubuntu.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/42645", }, { source: "security@ubuntu.com", url: "http://secunia.com/advisories/42731", }, { source: "security@ubuntu.com", url: "http://secunia.com/advisories/42743", }, { source: "security@ubuntu.com", url: "http://secunia.com/advisories/43457", }, { source: "security@ubuntu.com", tags: [ "Exploit", ], url: "http://www.exploit-db.com/exploits/15744", }, { source: "security@ubuntu.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:256", }, { source: "security@ubuntu.com", url: "http://www.redhat.com/support/errata/RHSA-2010-1003.html", }, { source: "security@ubuntu.com", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/45439", }, { source: "security@ubuntu.com", url: "http://www.securitytracker.com/id?1024905", }, { source: "security@ubuntu.com", url: "http://www.vupen.com/english/advisories/2010/3323", }, { source: "security@ubuntu.com", url: "http://www.vupen.com/english/advisories/2011/0010", }, { source: "security@ubuntu.com", url: "http://www.vupen.com/english/advisories/2011/0464", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/42645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/42731", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/42743", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/43457", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.exploit-db.com/exploits/15744", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.redhat.com/support/errata/RHSA-2010-1003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/45439", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1024905", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2010/3323", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0010", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0464", }, ], sourceIdentifier: "security@ubuntu.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2009-01-20 16:30
Modified
2024-11-21 00:54
Severity ?
Summary
The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git | git | 0.99.9j | |
| git | git | 0.99.9k | |
| git | git | 0.99.9l | |
| git | git | 0.99.9m | |
| git | git | 0.99.9n | |
| git | git | 1.0.0 | |
| git | git | 1.0.0b | |
| git | git | 1.0.3 | |
| git | git | 1.0.4 | |
| git | git | 1.0.5 | |
| git | git | 1.0.6 | |
| git | git | 1.0.7 | |
| git | git | 1.0.8 | |
| git | git | 1.1.1 | |
| git | git | 1.1.2 | |
| git | git | 1.1.3 | |
| git | git | 1.1.4 | |
| git | git | 1.1.5 | |
| git | git | 1.1.6 | |
| git | git | 1.2.0 | |
| git | git | 1.2.1 | |
| git | git | 1.2.2 | |
| git | git | 1.2.3 | |
| git | git | 1.2.4 | |
| git | git | 1.2.5 | |
| git | git | 1.2.6 | |
| git | git | 1.3.0 | |
| git | git | 1.3.1 | |
| git | git | 1.3.2 | |
| git | git | 1.3.3 | |
| git | git | 1.4.0 | |
| git | git | 1.4.1 | |
| git | git | 1.4.1.1 | |
| git | git | 1.4.2 | |
| git | git | 1.4.2.1 | |
| git | git | 1.4.2.2 | |
| git | git | 1.4.2.3 | |
| git | git | 1.4.2.4 | |
| git | git | 1.4.3 | |
| git | git | 1.4.3.1 | |
| git | git | 1.4.3.2 | |
| git | git | 1.4.3.3 | |
| git | git | 1.4.3.4 | |
| git | git | 1.4.3.5 | |
| git | git | 1.4.4 | |
| git | git | 1.4.4.1 | |
| git | git | 1.4.4.2 | |
| git | git | 1.4.4.3 | |
| git | git | 1.4.4.4 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0 | |
| git | git | 1.5.0.1 | |
| git | git | 1.5.0.2 | |
| git | git | 1.5.0.3 | |
| git | git | 1.5.0.4 | |
| git | git | 1.5.0.5 | |
| git | git | 1.5.0.6 | |
| git | git | 1.5.0.7 | |
| git | git | 1.5.1 | |
| git | git | 1.5.1.1 | |
| git | git | 1.5.1.2 | |
| git | git | 1.5.1.3 | |
| git | git | 1.5.1.4 | |
| git | git | 1.5.1.5 | |
| git | git | 1.5.1.6 | |
| git | git | 1.5.2 | |
| git | git | 1.5.2.1 | |
| git | git | 1.5.2.2 | |
| git | git | 1.5.2.3 | |
| git | git | 1.5.2.4 | |
| git | git | 1.5.2.5 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3 | |
| git | git | 1.5.3.1 | |
| git | git | 1.5.3.2 | |
| git | git | 1.5.3.3 | |
| git | git | 1.5.3.4 | |
| git | git | 1.5.3.5 | |
| git | git | 1.5.3.6 | |
| git | git | 1.5.3.7 | |
| git | git | 1.5.3.8 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4 | |
| git | git | 1.5.4.1 | |
| git | git | 1.5.4.2 | |
| git | git | 1.5.4.3 | |
| git | git | 1.5.4.4 | |
| git | git | 1.5.4.5 | |
| git | git | 1.5.4.6 | |
| git | git | 1.5.4.7 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5 | |
| git | git | 1.5.5.1 | |
| git | git | 1.5.5.2 | |
| git | git | 1.5.5.3 | |
| git | git | 1.5.5.4 | |
| git | git | 1.5.5.5 | |
| git | git | 1.5.5.6 | |
| git | git | 1.5.6.1 | |
| git | git | 1.5.6.2 | |
| git | git | 1.5.6.3 | |
| git | git | 1.5.6.4 | |
| git-scm | git | 0.6.0 | |
| git-scm | git | 0.7.0 | |
| rpath | linux | 2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:git:git:0.99.9j:*:*:*:*:*:*:*", matchCriteriaId: "93DA4D8D-3386-4A22-8951-96DDF8B2AB4F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9k:*:*:*:*:*:*:*", matchCriteriaId: "88AE94F1-4C8D-4CB2-80CA-70BDDAA15E5E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9l:*:*:*:*:*:*:*", matchCriteriaId: "D886507B-0192-4D0F-80EE-0E1FD4F2CB9E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9m:*:*:*:*:*:*:*", matchCriteriaId: "E3E13512-B8F7-4AA4-9551-71FBA7B746D5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:0.99.9n:*:*:*:*:*:*:*", matchCriteriaId: "E9154DE6-070E-4E6A-A2E4-B25B243FCE9C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.0:*:*:*:*:*:*:*", matchCriteriaId: "86156029-EE44-45B6-AF73-641502AC8007", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.0b:*:*:*:*:*:*:*", matchCriteriaId: "C7C119CD-4432-4EF8-95BA-BED4C93E609F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "E9BD14EC-D963-4D3A-998F-4041E0F20547", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.4:*:*:*:*:*:*:*", matchCriteriaId: "7F24CC42-E1E2-4B03-B5D5-7A3050BAE01D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.5:*:*:*:*:*:*:*", matchCriteriaId: "A0BD6A9F-4AA2-4672-94FA-002B10478166", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.6:*:*:*:*:*:*:*", matchCriteriaId: "05F3F409-D4F5-4B89-9D9B-63E8041E3700", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.7:*:*:*:*:*:*:*", matchCriteriaId: "228B069E-80BB-4A95-8BBD-66D9C78F2B0D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.0.8:*:*:*:*:*:*:*", matchCriteriaId: "38EA9447-A92C-43C9-ADD0-F8DCAD57A6C5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "09E4D3DC-7541-4E37-911C-8EC4258D678C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "84137274-7537-4F23-A193-06B7D85820D2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "E6003B70-C2BD-4402-A3DA-9F52FC1EF292", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "D6501938-1E45-4C86-98E8-64D6449674B1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "F3E5C886-FE1B-4702-96C3-625FAC27C0B4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "E9761C27-43EF-4ABF-9B99-FF132147651E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "98711B3F-75E7-4116-BC94-ACF9186C7B20", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "2F432595-E793-4321-8CDE-0308982403DD", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "506F265F-4EC0-4DA8-8245-F214BE688BF7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "36077120-17DD-4C0C-8AB9-398361CA98FC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "26FB1987-92E9-4379-AF7A-A29AA1BE348C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "330A8383-6B47-421C-9655-7F7416164CA9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "3EE094E0-CE52-46BC-A012-945530B87572", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "8DBC29B5-50FE-4BDA-9CEF-14CFF31581AF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "058F8DA2-1490-4847-BB87-EF76E0F8A9A5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "EAA3E46B-D1CD-4F8B-BF76-9161E70832B2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "DE5EA7B0-6D78-46B7-BEE1-1A0576D56CC3", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "0243E80A-5F9A-4742-A83A-076CD822E254", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "2D8BB818-7D5A-4F56-A8A7-11AB861409F4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.1.1:*:*:*:*:*:*:*", matchCriteriaId: "0613B062-A0D6-4403-ADA0-F848F21A3BB1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "F13D209A-44DD-406B-86CB-3BE1B2C95789", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A6D3BC2F-9E38-4F5F-A559-328323F133FF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.2:*:*:*:*:*:*:*", matchCriteriaId: "6B8F3E29-9B94-4F46-8A59-FC02EBD9CD6E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.3:*:*:*:*:*:*:*", matchCriteriaId: "44017E26-4AA6-4E76-B047-24D738D505A2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.2.4:*:*:*:*:*:*:*", matchCriteriaId: "5D883B55-8F7A-48AD-8536-3B7901AE95E9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "B2F644BD-2A37-40C8-8C02-67B671474BD3", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "02EC9660-8197-4992-B8BF-ACA81A1362D8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "52E67537-51C1-4D9A-AF11-1E6FE3290AAC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "3735BAE3-C767-44A3-BDD3-07DDEF9AE5C2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.4:*:*:*:*:*:*:*", matchCriteriaId: "25112BF9-B5C3-470D-8FD8-045707FA83FC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.3.5:*:*:*:*:*:*:*", matchCriteriaId: "46E0026C-93EF-4B4F-AEF2-E84F5EA1DCAB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "562BD162-990B-4BAF-9074-11FCA1DFC4A9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.1:*:*:*:*:*:*:*", matchCriteriaId: "51B7B233-CCD6-4A58-B76D-990D1DCF1BA9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.2:*:*:*:*:*:*:*", matchCriteriaId: "7AB103FA-9580-4A2C-AF16-12909B5E47A7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.3:*:*:*:*:*:*:*", matchCriteriaId: "8CF296EC-FECD-4F70-BBA8-D57C891E35A2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.4.4.4:*:*:*:*:*:*:*", matchCriteriaId: "24B2BC27-CA73-4C45-9726-5178DB43DB94", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "9BC291EB-F083-4E66-B61B-50723E0E8A5D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*", matchCriteriaId: "0756E43B-F13B-4EB4-89B3-9A7A6CA6DDA8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*", matchCriteriaId: "23E68B79-8E0C-4001-AECD-ED0AF81825B1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*", matchCriteriaId: "6FAC3AF5-D66D-4972-B2C7-9D1CD784884A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*", matchCriteriaId: "1BE75459-E53B-4E3A-B94A-3A7DA916A4AF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*", matchCriteriaId: "0A51E31C-06CD-463F-BF7D-F14979AB492B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*", matchCriteriaId: "D198227B-3B53-4C29-985E-2596C0909A5A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*", matchCriteriaId: "E6347CFA-DC5A-4C0F-A516-02E6BBEDA3AA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*", matchCriteriaId: "B4474571-24EB-4D53-8A61-D77E560B0ACE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*", matchCriteriaId: "8B6544F7-D835-45C5-9645-AFEA9F264DE1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*", matchCriteriaId: "43E47006-A44B-4BE1-AD6B-CF869C79A2CC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*", matchCriteriaId: "569F2502-3023-44F6-8767-4DA465B3C754", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*", matchCriteriaId: "4CDF10E4-F882-4BD6-AA56-B56CEC28D1DC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*", matchCriteriaId: "909E71D3-A5E4-47AF-B9F4-2A05A4129EFE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*", matchCriteriaId: "73FFB1CD-1C79-4DD8-BCAB-1FCA8D99C89B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*", matchCriteriaId: "4124F148-9281-4465-9E16-67DE47E1F00D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*", matchCriteriaId: "22F07209-3FC5-4AA4-B9BF-18F32D7F402F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.1.6:*:*:*:*:*:*:*", matchCriteriaId: "DDEF615E-48FB-4F1E-BC8E-B3A70457D474", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*", matchCriteriaId: "C43D08FF-7871-481D-A648-015F4DCF68E6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.1:*:*:*:*:*:*:*", matchCriteriaId: "A4869796-F69A-49CC-9203-CE80F38E1A23", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*", matchCriteriaId: "03769CFD-3A5F-4C5E-B548-6B8F7EFFDE14", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*", matchCriteriaId: "4F2433A7-3333-407D-8147-9AC736049590", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*", matchCriteriaId: "585B9665-B422-418D-9AEC-65E65D24621B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*", matchCriteriaId: "7DA2677B-1237-4D22-A51E-3A67B6AA9F9C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*", matchCriteriaId: "2D6642BE-13B4-40F8-BFD4-AD1E55B1A3BF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc4:*:*:*:*:*:*", matchCriteriaId: "18962E5D-185E-4AF8-B0B3-11026B61053D", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*", matchCriteriaId: "2EBCE67F-34AC-4635-A2DF-E0C304FAB8E5", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*", matchCriteriaId: "197F9E88-DE20-44B5-B159-8E7BC3986E9E", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.1:*:*:*:*:*:*:*", matchCriteriaId: "3BF65B33-FD2F-4F2B-9F67-360F8957FABC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*", matchCriteriaId: "3C668BD7-C4E3-4A12-9987-E565250E2E1F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.3:*:*:*:*:*:*:*", matchCriteriaId: "A3F93314-4F2D-4036-94F7-986B16BEC851", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*", matchCriteriaId: "92A161E8-6CB8-40FF-9D90-00664185F69F", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.5:*:*:*:*:*:*:*", matchCriteriaId: "B9533C06-96BF-4D5D-A29C-F2AD2EE5108C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*", matchCriteriaId: "B20EFCED-EC50-4A9B-970B-E29CDBDAABDE", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.7:*:*:*:*:*:*:*", matchCriteriaId: "CCC5F7F8-EFC2-4FD0-A293-59F76EBFAE05", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*", matchCriteriaId: "361F32F0-8009-40D2-BC14-74AE90CDB36C", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:*:*:*:*:*:*:*", matchCriteriaId: "6B6E65D8-0D8E-4D11-82D7-DD3FB3EB1095", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*", matchCriteriaId: "67535E99-5DD8-4F90-9DB1-5415201E94E2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*", matchCriteriaId: "F3163CEC-C0D5-401E-93C3-6A5316630FC2", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*", matchCriteriaId: "8DA19E8C-34DE-4721-88E2-B97774E855E7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc2:*:*:*:*:*:*", matchCriteriaId: "ED57760D-0C08-43FE-A837-B00D271EDBA1", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*", matchCriteriaId: "BA11029F-E4F7-4D4A-817C-A7CC5AD4E872", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*", matchCriteriaId: "8A42B9B9-7B29-429D-9ABC-736CCC038813", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4:rc5:*:*:*:*:*:*", matchCriteriaId: "456AD412-970D-495E-8F7F-0CF670C364B9", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*", matchCriteriaId: "63530521-E600-4326-B057-162E6635554B", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*", matchCriteriaId: "0715BCFB-5EAA-4812-BB59-7210CB6670FF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.3:*:*:*:*:*:*:*", matchCriteriaId: "E9BBAA74-B0DE-4388-8C1B-8C3FF258EDD8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A8CEFC6C-0066-4331-A7A8-02047A19206A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.5:*:*:*:*:*:*:*", matchCriteriaId: "1337EA7C-3E52-47EC-8A32-C61A3B5046A7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.6:*:*:*:*:*:*:*", matchCriteriaId: "D9D484DA-BCEA-4873-9F8C-883D702644F7", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.4.7:*:*:*:*:*:*:*", matchCriteriaId: "BF45A2CE-0E19-477F-9393-B8AAD158D285", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:*:*:*:*:*:*:*", matchCriteriaId: "3095075A-5A99-4718-9E5E-56D442A14EAB", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc1:*:*:*:*:*:*", matchCriteriaId: "49D8DA6B-C306-455E-BAF1-0C5C2E1F33B8", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc2:*:*:*:*:*:*", matchCriteriaId: "6881163A-4097-4BAE-A84A-82D819BBF304", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5:rc3:*:*:*:*:*:*", matchCriteriaId: "BF31FA87-A8B8-46A1-8945-CB2613FE3B9A", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.1:*:*:*:*:*:*:*", matchCriteriaId: "32E6B6B9-BD9A-4DF2-8DDC-B2A55431B3FA", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.2:*:*:*:*:*:*:*", matchCriteriaId: "0FA7D904-012D-448D-B1F6-885A472B8BCC", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*", matchCriteriaId: "9C0605BA-481D-4E71-8D57-A99F8CDB7492", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*", matchCriteriaId: "668F528C-50BC-4944-9DC3-95D0413D2359", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.5:*:*:*:*:*:*:*", matchCriteriaId: "E3D715F7-34D2-4D1D-B49B-74AF4D7D7C55", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.5.6:*:*:*:*:*:*:*", matchCriteriaId: "6DF925DE-031A-451F-83A6-1B355D364358", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*", matchCriteriaId: "AECFAEA8-3B87-4BFE-98A3-58F5129D9BCF", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*", matchCriteriaId: "D6228681-1150-4B80-AFB0-451BAEB393A4", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*", matchCriteriaId: "E807BBE3-A2EC-4EA2-8222-7A02D03848D6", vulnerable: true, }, { criteria: "cpe:2.3:a:git:git:1.5.6.4:*:*:*:*:*:*:*", matchCriteriaId: "C7122491-D55D-451B-A2BC-D87D283A504E", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.6.0:*:*:*:*:*:*:*", matchCriteriaId: "FFB286E1-525B-43B1-8940-0986854BE595", vulnerable: true, }, { criteria: "cpe:2.3:a:git-scm:git:0.7.0:*:*:*:*:*:*:*", matchCriteriaId: "398057EC-27A8-4A84-A01D-E14EEB496A7F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:rpath:linux:2:*:*:*:*:*:*:*", matchCriteriaId: "48D2FD6E-C9C1-4DF0-9F01-E869FA97B153", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.", }, { lang: "es", value: "La interfaz web en git (gitweb) versiones 1.5.x anteriores a 1.5.5, permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres de shell relacionados con git_search.", }, ], id: "CVE-2008-5516", lastModified: "2024-11-21T00:54:14.250", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2009-01-20T16:30:00.327", references: [ { source: "secalert@redhat.com", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { source: "secalert@redhat.com", url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=c582abae", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/33964", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34194", }, { source: "secalert@redhat.com", url: "http://securityreason.com/securityalert/4919", }, { source: "secalert@redhat.com", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2009/dsa-1708", }, { source: "secalert@redhat.com", url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { source: "secalert@redhat.com", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { source: "secalert@redhat.com", url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { source: "secalert@redhat.com", url: "https://issues.rpath.com/browse/RPL-2936", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=c582abae", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/33964", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/34194", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/4919", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2009/dsa-1708", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.ubuntu.com/usn/USN-723-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-2936", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2010-3906
Vulnerability from cvelistv5
Published
2010-12-17 18:00
Modified
2024-08-07 03:26
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T03:26:12.208Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "43457", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/43457", }, { name: "42645", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42645", }, { name: "FEDORA-2010-18981", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html", }, { name: "42731", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42731", }, { name: "ADV-2010-3323", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2010/3323", }, { name: "RHSA-2010:1003", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "http://www.redhat.com/support/errata/RHSA-2010-1003.html", }, { name: "ADV-2011-0010", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0010", }, { name: "42743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/42743", }, { name: "15744", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "http://www.exploit-db.com/exploits/15744", }, { name: "SUSE-SR:2011:004", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { name: "MDVSA-2010:256", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:256", }, { name: "1024905", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1024905", }, { name: "45439", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/45439", }, { name: "ADV-2011-0464", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "FEDORA-2010-18973", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-12-15T00:00:00", descriptions: [ { lang: "en", value: "Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2011-01-12T10:00:00", orgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc", shortName: "canonical", }, references: [ { name: "43457", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/43457", }, { name: "42645", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42645", }, { name: "FEDORA-2010-18981", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html", }, { name: "42731", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42731", }, { name: "ADV-2010-3323", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2010/3323", }, { name: "RHSA-2010:1003", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "http://www.redhat.com/support/errata/RHSA-2010-1003.html", }, { name: "ADV-2011-0010", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0010", }, { name: "42743", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/42743", }, { name: "15744", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "http://www.exploit-db.com/exploits/15744", }, { name: "SUSE-SR:2011:004", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { name: "MDVSA-2010:256", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:256", }, { name: "1024905", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1024905", }, { name: "45439", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/45439", }, { name: "ADV-2011-0464", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "FEDORA-2010-18973", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@ubuntu.com", ID: "CVE-2010-3906", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "43457", refsource: "SECUNIA", url: "http://secunia.com/advisories/43457", }, { name: "42645", refsource: "SECUNIA", url: "http://secunia.com/advisories/42645", }, { name: "FEDORA-2010-18981", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html", }, { name: "42731", refsource: "SECUNIA", url: "http://secunia.com/advisories/42731", }, { name: "ADV-2010-3323", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2010/3323", }, { name: "RHSA-2010:1003", refsource: "REDHAT", url: "http://www.redhat.com/support/errata/RHSA-2010-1003.html", }, { name: "ADV-2011-0010", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0010", }, { name: "42743", refsource: "SECUNIA", url: "http://secunia.com/advisories/42743", }, { name: "15744", refsource: "EXPLOIT-DB", url: "http://www.exploit-db.com/exploits/15744", }, { name: "SUSE-SR:2011:004", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html", }, { name: "MDVSA-2010:256", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2010:256", }, { name: "1024905", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1024905", }, { name: "45439", refsource: "BID", url: "http://www.securityfocus.com/bid/45439", }, { name: "ADV-2011-0464", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2011/0464", }, { name: "FEDORA-2010-18973", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc", assignerShortName: "canonical", cveId: "CVE-2010-3906", datePublished: "2010-12-17T18:00:00", dateReserved: "2010-10-12T00:00:00", dateUpdated: "2024-08-07T03:26:12.208Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-23946
Vulnerability from cvelistv5
Published
2023-02-14 19:48
Modified
2025-02-13 16:44
Severity ?
EPSS score ?
Summary
Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/git/git/security/advisories/GHSA-r87m-v37r-cwfh | x_refsource_CONFIRM | |
| https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202312-15 |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| git | git |
Version: >= 2.39.0, < 2.39.2 Version: >= 2.38.0, < 2.38.4 Version: >= 2.37.0, < 2.37.6 Version: >= 2.36.0, < 2.36.5 Version: >= 2.35.0, < 2.35.7 Version: >= 2.34.0, < 2.34.7 Version: >= 2.33.0, < 2.33.7 Version: >= 2.32.0, < 2.32.6 Version: >= 2.31.0, < 2.31.7 Version: < 2.30.8 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:49:07.949Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-r87m-v37r-cwfh", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-r87m-v37r-cwfh", }, { name: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: ">= 2.39.0, < 2.39.2", }, { status: "affected", version: ">= 2.38.0, < 2.38.4", }, { status: "affected", version: ">= 2.37.0, < 2.37.6", }, { status: "affected", version: ">= 2.36.0, < 2.36.5", }, { status: "affected", version: ">= 2.35.0, < 2.35.7", }, { status: "affected", version: ">= 2.34.0, < 2.34.7", }, { status: "affected", version: ">= 2.33.0, < 2.33.7", }, { status: "affected", version: ">= 2.32.0, < 2.32.6", }, { status: "affected", version: ">= 2.31.0, < 2.31.7", }, { status: "affected", version: "< 2.30.8", }, ], }, ], descriptions: [ { lang: "en", value: "Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 6.2, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-27T10:06:31.121Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-r87m-v37r-cwfh", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-r87m-v37r-cwfh", }, { name: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", }, { url: "https://security.gentoo.org/glsa/202312-15", }, ], source: { advisory: "GHSA-r87m-v37r-cwfh", discovery: "UNKNOWN", }, title: "Git's `git apply` overwriting paths outside the working tree", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-23946", datePublished: "2023-02-14T19:48:00.554Z", dateReserved: "2023-01-19T21:12:31.362Z", dateUpdated: "2025-02-13T16:44:12.269Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-23521
Vulnerability from cvelistv5
Published
2023-01-17 22:17
Modified
2025-02-13 16:32
Severity ?
EPSS score ?
Summary
Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89 | x_refsource_CONFIRM | |
| https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76 | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202312-15 |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:43:46.438Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89", }, { name: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-23521", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-10-15T17:36:25.330950Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-15T18:34:26.130Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.30.7", }, { status: "affected", version: ">= 2.31.0, < 2.31.6", }, { status: "affected", version: ">= 2.32.0, < 2.32.5", }, { status: "affected", version: ">= 2.33.0, < 2.33.6", }, { status: "affected", version: ">= 2.34.0, < 2.34.6", }, { status: "affected", version: ">= 2.35.0, < 2.35.6", }, { status: "affected", version: ">= 2.36.0, < 2.36.4", }, { status: "affected", version: ">= 2.37.0, < 2.37.5", }, { status: "affected", version: ">= 2.38.0, < 2.38.3", }, { status: "affected", version: "= 2.39.0", }, ], }, ], descriptions: [ { lang: "en", value: "Git is distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a `.gitattributes` file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this pattern. When parsing gitattributes, multiple integer overflows can occur when there is a huge number of path patterns, a huge number of attributes for a single pattern, or when the declared attribute names are huge. These overflows can be triggered via a crafted `.gitattributes` file that may be part of the commit history. Git silently splits lines longer than 2KB when parsing gitattributes from a file, but not when parsing them from the index. Consequentially, the failure mode depends on whether the file exists in the working tree, the index or both. This integer overflow can result in arbitrary heap reads and writes, which may result in remote code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. There are no known workarounds for this issue.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-27T10:06:27.570Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89", }, { name: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", }, { url: "https://security.gentoo.org/glsa/202312-15", }, ], source: { advisory: "GHSA-c738-c5qq-xg89", discovery: "UNKNOWN", }, title: "gitattributes parsing integer overflow in git", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-23521", datePublished: "2023-01-17T22:17:17.765Z", dateReserved: "2022-01-19T21:23:53.781Z", dateUpdated: "2025-02-13T16:32:19.291Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-22490
Vulnerability from cvelistv5
Published
2023-02-14 19:47
Modified
2025-02-13 16:43
Severity ?
EPSS score ?
Summary
Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.
A fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3q | x_refsource_CONFIRM | |
| https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85 | x_refsource_MISC | |
| https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd | x_refsource_MISC | |
| https://security.gentoo.org/glsa/202312-15 |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| git | git |
Version: >= 2.39.0, < 2.39.2 Version: >= 2.38.0, < 2.38.4 Version: >= 2.37.0, < 2.37.6 Version: >= 2.36.0, < 2.36.5 Version: >= 2.35.0, < 2.35.7 Version: >= 2.34.0, < 2.34.7 Version: >= 2.33.0, < 2.33.7 Version: >= 2.32.0, < 2.32.6 Version: >= 2.31.0, < 2.31.7 Version: < 2.30.8 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T10:13:48.515Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3q", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3q", }, { name: "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85", }, { name: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: ">= 2.39.0, < 2.39.2", }, { status: "affected", version: ">= 2.38.0, < 2.38.4", }, { status: "affected", version: ">= 2.37.0, < 2.37.6", }, { status: "affected", version: ">= 2.36.0, < 2.36.5", }, { status: "affected", version: ">= 2.35.0, < 2.35.7", }, { status: "affected", version: ">= 2.34.0, < 2.34.7", }, { status: "affected", version: ">= 2.33.0, < 2.33.7", }, { status: "affected", version: ">= 2.32.0, < 2.32.6", }, { status: "affected", version: ">= 2.31.0, < 2.31.7", }, { status: "affected", version: "< 2.30.8", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source `$GIT_DIR/objects` directory contains symbolic links, the `objects` directory itself may still be a symbolic link. These two may be combined to include arbitrary files based on known paths on the victim's filesystem within the malicious repository's working copy, allowing for data exfiltration in a similar manner as CVE-2022-39253.\n\nA fix has been prepared and will appear in v2.39.2 v2.38.4 v2.37.6 v2.36.5 v2.35.7 v2.34.7 v2.33.7 v2.32.6, v2.31.7 and v2.30.8. If upgrading is impractical, two short-term workarounds are available. Avoid cloning repositories from untrusted sources with `--recurse-submodules`. Instead, consider cloning repositories without recursively cloning their submodules, and instead run `git submodule update` at each layer. Before doing so, inspect each new `.gitmodules` file to ensure that it does not contain suspicious module URLs.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-59", description: "CWE-59: Improper Link Resolution Before File Access ('Link Following')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-27T10:06:20.603Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3q", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3q", }, { name: "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85", }, { name: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/c867e4fa180bec4750e9b54eb10f459030dbebfd", }, { url: "https://security.gentoo.org/glsa/202312-15", }, ], source: { advisory: "GHSA-gw92-x3fm-3g3q", discovery: "UNKNOWN", }, title: "Git vulnerable to local clone-based data exfiltration with non-local transports", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-22490", datePublished: "2023-02-14T19:47:56.863Z", dateReserved: "2022-12-29T17:41:28.089Z", dateUpdated: "2025-02-13T16:43:53.248Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-25652
Vulnerability from cvelistv5
Published
2023-04-25 19:17
Modified
2025-02-13 16:44
Severity ?
EPSS score ?
Summary
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| git | git |
Version: < 2.30.9 Version: >= 2.31.0, < 2.31.8 Version: >= 2.32.0, < 2.32.7 Version: >= 2.33.0, < 2.33.8 Version: >= 2.34.0, < 2.34.8 Version: >= 2.35.0, < 2.35.8 Version: >= 2.36.0, < 2.36.6 Version: >= 2.37.0, < 2.37.7 Version: >= 2.38.0, < 2.38.5 Version: >= 2.39.0, < 2.39.3 Version: >= 2.40.0, < 2.40.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T11:25:19.289Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx", }, { name: "https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902", }, { name: "https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/04/25/2", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-25652", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-01-05T19:56:20.962435Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-11-27T16:44:34.180Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.30.9", }, { status: "affected", version: ">= 2.31.0, < 2.31.8", }, { status: "affected", version: ">= 2.32.0, < 2.32.7", }, { status: "affected", version: ">= 2.33.0, < 2.33.8", }, { status: "affected", version: ">= 2.34.0, < 2.34.8", }, { status: "affected", version: ">= 2.35.0, < 2.35.8", }, { status: "affected", version: ">= 2.36.0, < 2.36.6", }, { status: "affected", version: ">= 2.37.0, < 2.37.7", }, { status: "affected", version: ">= 2.38.0, < 2.38.5", }, { status: "affected", version: ">= 2.39.0, < 2.39.3", }, { status: "affected", version: ">= 2.40.0, < 2.40.1", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-26T10:05:52.311Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx", }, { name: "https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902", }, { name: "https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e", }, { url: "http://www.openwall.com/lists/oss-security/2023/04/25/2", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/", }, { url: "https://security.gentoo.org/glsa/202312-15", }, { url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], source: { advisory: "GHSA-2hvf-7c8p-28fx", discovery: "UNKNOWN", }, title: "\"git apply --reject\" partially-controlled arbitrary file write", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-25652", datePublished: "2023-04-25T19:17:35.315Z", dateReserved: "2023-02-09T20:58:21.856Z", dateUpdated: "2025-02-13T16:44:34.732Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-32020
Vulnerability from cvelistv5
Published
2024-05-14 18:54
Modified
2025-02-13 17:52
Severity ?
EPSS score ?
Summary
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a "proper" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.39.4", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.45.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.45.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.44.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.44.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.43:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.43.4", status: "affected", version: "2.43", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.42.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.42.2", status: "affected", version: "2.42.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.41.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.41.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.40.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.40.2", status: "affected", version: "2.40.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-32020", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-05-15T14:32:40.280977Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-06T17:15:59.133Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T01:59:50.905Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj", }, { name: "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d", }, { name: "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "= 2.45.0", }, { status: "affected", version: "= 2.44.0", }, { status: "affected", version: ">= 2.43.0, < 2.43.4", }, { status: "affected", version: ">= 2.42.0, < 2.42.2", }, { status: "affected", version: "= 2.41.0", }, { status: "affected", version: ">= 2.40.0, < 2.40.2", }, { status: "affected", version: "< 2.39.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a different user, then those hardlinked files may be rewritten at any point in time by the untrusted user. Cloning local repositories will cause Git to either copy or hardlink files of the source repository into the target repository. This significantly speeds up such local clones compared to doing a \"proper\" clone and saves both disk space and compute time. When cloning a repository located on the same disk that is owned by a different user than the current user we also end up creating such hardlinks. These files will continue to be owned and controlled by the potentially-untrusted user and can be rewritten by them at will in the future. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-281", description: "CWE-281: Improper Preservation of Permissions", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-10T17:10:03.915Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj", }, { name: "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d", }, { name: "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, ], source: { advisory: "GHSA-5rfh-556j-fhgj", discovery: "UNKNOWN", }, title: "Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-32020", datePublished: "2024-05-14T18:54:08.184Z", dateReserved: "2024-04-09T15:29:35.937Z", dateUpdated: "2025-02-13T17:52:05.240Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41903
Vulnerability from cvelistv5
Published
2023-01-17 22:17
Modified
2025-03-10 21:21
Severity ?
EPSS score ?
Summary
Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:56:38.383Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq", }, { name: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", }, { name: "https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst", }, { name: "https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-41903", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-03-10T20:59:12.527761Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-03-10T21:21:50.039Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.30.7", }, { status: "affected", version: ">= 2.31.0, < 2.31.6", }, { status: "affected", version: ">= 2.32.0, < 2.32.5", }, { status: "affected", version: ">= 2.33.0, < 2.33.6", }, { status: "affected", version: ">= 2.34.0, < 2.34.6", }, { status: "affected", version: ">= 2.35.0, < 2.35.6", }, { status: "affected", version: ">= 2.36.0, < 2.36.4", }, { status: "affected", version: ">= 2.37.0, < 2.37.5", }, { status: "affected", version: ">= 2.38.0, < 2.38.3", }, { status: "affected", version: "= 2.39.0", }, ], }, ], descriptions: [ { lang: "en", value: "Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190: Integer Overflow or Wraparound", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-27T10:06:32.604Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq", }, { name: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76", }, { name: "https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst", tags: [ "x_refsource_MISC", ], url: "https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst", }, { name: "https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem", tags: [ "x_refsource_MISC", ], url: "https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem", }, { url: "https://security.gentoo.org/glsa/202312-15", }, ], source: { advisory: "GHSA-475x-2q3q-hvwq", discovery: "UNKNOWN", }, title: "Integer overflow in `git archive`, `git log --format` leading to RCE in git", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-41903", datePublished: "2023-01-17T22:17:16.123Z", dateReserved: "2022-09-30T16:38:28.931Z", dateUpdated: "2025-03-10T21:21:50.039Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-50349
Vulnerability from cvelistv5
Published
2025-01-14 18:43
Modified
2025-01-21 17:02
Severity ?
EPSS score ?
Summary
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr | x_refsource_CONFIRM | |
| https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8 | x_refsource_MISC | |
| https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-50349", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T19:22:40.959774Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T19:22:53.506Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "<= 2.40.3", }, { status: "affected", version: ">= 2.41.0, <= 2.41.2", }, { status: "affected", version: ">= 2.42.0, <= 2.42.3", }, { status: "affected", version: ">= 2.43.0, <= 2.43.5", }, { status: "affected", version: ">= 2.44.0, <= 2.44.2", }, { status: "affected", version: ">= 2.45.0, <= 2.45.2", }, { status: "affected", version: ">= 2.46.0, <= 2.46.2", }, { status: "affected", version: ">= 2.47.0, < 2.47.2", }, { status: "affected", version: "= 2.48.0", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt (i.e. without using any credential helper), it prints out the host name for which the user is expected to provide a username and/or a password. At this stage, any URL-encoded parts have been decoded already, and are printed verbatim. This allows attackers to craft URLs that contain ANSI escape sequences that the terminal interpret to confuse users e.g. into providing passwords for trusted Git hosting sites when in fact they are then sent to untrusted sites that are under the attacker's control. This issue has been patch via commits `7725b81` and `c903985` which are included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "HIGH", attackRequirements: "PRESENT", attackVector: "NETWORK", baseScore: 2.1, baseSeverity: "LOW", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "LOW", subIntegrityImpact: "LOW", userInteraction: "ACTIVE", vectorString: "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N", version: "4.0", vulnAvailabilityImpact: "NONE", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "LOW", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-116", description: "CWE-116: Improper Encoding or Escaping of Output", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-147", description: "CWE-147: Improper Neutralization of Input Terminators", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-150", description: "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-21T17:02:46.639Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr", }, { name: "https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8", }, { name: "https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577", }, ], source: { advisory: "GHSA-hmg8-h7qf-7cxr", discovery: "UNKNOWN", }, title: "Git does not sanitize URLs when asking for credentials interactively", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-50349", datePublished: "2025-01-14T18:43:42.620Z", dateReserved: "2024-10-22T17:54:40.957Z", dateUpdated: "2025-01-21T17:02:46.639Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-32004
Vulnerability from cvelistv5
Published
2024-05-14 18:46
Modified
2025-02-13 17:52
Severity ?
EPSS score ?
Summary
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T01:59:50.824Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389", }, { name: "https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8", }, { name: "https://git-scm.com/docs/git-clone", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git-scm.com/docs/git-clone", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:a:git:git:2.45.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.45.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.44.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.44.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.43.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.43.4", status: "affected", version: "2.43.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.42.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.42.2", status: "affected", version: "2.42.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.41.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.41.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.40.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.40.2", status: "affected", version: "2.40.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.39.4", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-32004", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-15T17:59:29.364044Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-08-09T18:41:23.817Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "= 2.45.0", }, { status: "affected", version: "= 2.44.0", }, { status: "affected", version: ">= 2.43.0, < 2.43.4", }, { status: "affected", version: ">= 2.42.0, < 2.42.2", }, { status: "affected", version: "= 2.41.0", }, { status: "affected", version: ">= 2.40.0, < 2.40.2", }, { status: "affected", version: "< 2.39.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-114", description: "CWE-114: Process Control", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-26T10:06:05.293Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389", }, { name: "https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8", }, { name: "https://git-scm.com/docs/git-clone", tags: [ "x_refsource_MISC", ], url: "https://git-scm.com/docs/git-clone", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], source: { advisory: "GHSA-xfc6-vwr8-r389", discovery: "UNKNOWN", }, title: "Git vulnerable to Remote Code Execution while cloning special-crafted local repositories", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-32004", datePublished: "2024-05-14T18:46:32.192Z", dateReserved: "2024-04-08T13:48:37.493Z", dateUpdated: "2025-02-13T17:52:03.057Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52005
Vulnerability from cvelistv5
Published
2025-01-15 17:35
Modified
2025-01-15 20:10
Severity ?
EPSS score ?
Summary
Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called "sideband channel". These messages will be prefixed with "remote:" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329 | x_refsource_CONFIRM | |
| https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-52005", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-15T20:10:33.107830Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-15T20:10:36.473Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: ">= 2.48.0, <= 2.48.1", }, { status: "affected", version: ">= 2.47.0, <= 2.47.1", }, { status: "affected", version: ">= 2.46.0, <= 2.46.3", }, { status: "affected", version: ">= 2.45.0, <= 2.45.3", }, { status: "affected", version: ">= 2.44.0, <= 2.44.3", }, { status: "affected", version: ">= 2.43.0, <= 2.43.6", }, { status: "affected", version: ">= 2.42.0, <= 2.42.4", }, { status: "affected", version: ">= 2.41.0, <= 2.41.3", }, { status: "affected", version: "<= 2.40.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called \"sideband channel\". These messages will be prefixed with \"remote:\" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "HIGH", attackRequirements: "NONE", attackVector: "NETWORK", baseScore: 7.5, baseSeverity: "HIGH", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "ACTIVE", vectorString: "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "HIGH", vulnConfidentialityImpact: "HIGH", vulnIntegrityImpact: "HIGH", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-116", description: "CWE-116: Improper Encoding or Escaping of Output", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-150", description: "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-15T17:35:02.379Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329", }, { name: "https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net", tags: [ "x_refsource_MISC", ], url: "https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net", }, ], source: { advisory: "GHSA-7jjc-gg6m-3329", discovery: "UNKNOWN", }, title: "The sideband payload is passed unfiltered to the terminal in git", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-52005", datePublished: "2025-01-15T17:35:02.379Z", dateReserved: "2024-11-04T17:46:16.779Z", dateUpdated: "2025-01-15T20:10:36.473Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25648
Vulnerability from cvelistv5
Published
2022-04-19 16:35
Modified
2024-09-16 17:59
Severity ?
EPSS score ?
Summary
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:42:50.664Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270", }, { tags: [ "x_transferred", ], url: "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0", }, { tags: [ "x_transferred", ], url: "https://github.com/ruby-git/ruby-git/pull/569", }, { name: "FEDORA-2022-353e1cf8b6", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNJA7WPE67LJ3DJMWZ2TADHCZKWMY55/", }, { name: "FEDORA-2022-f09e0d8b0e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTJUF6SFPL4ZVSJQHGQ36KFPFO5DQVYZ/", }, { name: "FEDORA-2022-1aa40056fc", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q2V3HOFU4ZVTQZHAVAVL3EX2KU53SP7R/", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "n/a", versions: [ { lessThan: "1.11.0", status: "affected", version: "unspecified", versionType: "custom", }, ], }, ], credits: [ { lang: "en", value: "Alessio Della Libera of Snyk Research Team", }, ], datePublic: "2022-04-19T00:00:00", descriptions: [ { lang: "en", value: "The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitCodeMaturity: "PROOF_OF_CONCEPT", integrityImpact: "HIGH", privilegesRequired: "NONE", remediationLevel: "NOT_DEFINED", reportConfidence: "NOT_DEFINED", scope: "UNCHANGED", temporalScore: 7.7, temporalSeverity: "HIGH", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Command Injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-01-31T00:00:00", orgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", shortName: "snyk", }, references: [ { url: "https://snyk.io/vuln/SNYK-RUBY-GIT-2421270", }, { url: "https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0", }, { url: "https://github.com/ruby-git/ruby-git/pull/569", }, { name: "FEDORA-2022-353e1cf8b6", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWNJA7WPE67LJ3DJMWZ2TADHCZKWMY55/", }, { name: "FEDORA-2022-f09e0d8b0e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PTJUF6SFPL4ZVSJQHGQ36KFPFO5DQVYZ/", }, { name: "FEDORA-2022-1aa40056fc", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q2V3HOFU4ZVTQZHAVAVL3EX2KU53SP7R/", }, { name: "[debian-lts-announce] 20230130 [SECURITY] [DLA 3303-1] ruby-git security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/01/msg00043.html", }, ], title: "Command Injection", }, }, cveMetadata: { assignerOrgId: "bae035ff-b466-4ff4-94d0-fc9efd9e1730", assignerShortName: "snyk", cveId: "CVE-2022-25648", datePublished: "2022-04-19T16:35:11.215526Z", dateReserved: "2022-02-24T00:00:00", dateUpdated: "2024-09-16T17:59:47.353Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-29187
Vulnerability from cvelistv5
Published
2022-07-12 00:00
Modified
2024-08-03 06:17
Severity ?
EPSS score ?
Summary
Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:17:54.233Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-j342-m5hw-rr3v", }, { tags: [ "x_transferred", ], url: "https://github.blog/2022-04-12-git-security-vulnerability-announced", }, { tags: [ "x_transferred", ], url: "https://lore.kernel.org/git/xmqqv8s2fefi.fsf%40gitster.g/T/#u", }, { name: "[oss-security] 20220713 Git v2.37.1 and friends for CVE-2022-29187", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2022/07/14/1", }, { name: "FEDORA-2022-dfd7e7fc0e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/", }, { name: "FEDORA-2022-2a5de7cb8b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213496", }, { name: "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Nov/1", }, { name: "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", }, { name: "FEDORA-2023-470c7ea49e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/", }, { name: "FEDORA-2023-e3c8abd37e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/", }, { name: "FEDORA-2023-1068309389", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/", }, { name: "FEDORA-2023-3ec32f6d4e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/", }, { name: "GLSA-202312-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, { name: "GLSA-202401-17", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202401-17", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: ">= 2.30.3, < 2.30.5", }, { status: "affected", version: ">= 2.31.2, < 2.31.4", }, { status: "affected", version: ">= 2.32.1, < 2.32.3", }, { status: "affected", version: ">= 2.33.2, < 2.33.4", }, { status: "affected", version: ">= 2.34.2, < 2.34.4", }, { status: "affected", version: ">= 2.35.2, < 2.35.4", }, { status: "affected", version: ">= 2.36, < 2.36.2", }, { status: "affected", version: ">= 2.37, < 2.37.1", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a distributed revision control system. Git prior to versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5, is vulnerable to privilege escalation in all platforms. An unsuspecting user could still be affected by the issue reported in CVE-2022-24765, for example when navigating as root into a shared tmp directory that is owned by them, but where an attacker could create a git repository. Versions 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4, 2.32.3, 2.31.4, and 2.30.5 contain a patch for this issue. The simplest way to avoid being affected by the exploit described in the example is to avoid running git as root (or an Administrator in Windows), and if needed to reduce its use to a minimum. While a generic workaround is not possible, a system could be hardened from the exploit described in the example by removing any such repository if it exists already and creating one as root to block any future attacks.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-282", description: "CWE-282: Improper Ownership Management", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-427", description: "CWE-427: Uncontrolled Search Path Element", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-01-14T10:06:22.426428", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/git/git/security/advisories/GHSA-j342-m5hw-rr3v", }, { url: "https://github.blog/2022-04-12-git-security-vulnerability-announced", }, { url: "https://lore.kernel.org/git/xmqqv8s2fefi.fsf%40gitster.g/T/#u", }, { name: "[oss-security] 20220713 Git v2.37.1 and friends for CVE-2022-29187", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2022/07/14/1", }, { name: "FEDORA-2022-dfd7e7fc0e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/", }, { name: "FEDORA-2022-2a5de7cb8b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/", }, { url: "https://support.apple.com/kb/HT213496", }, { name: "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Nov/1", }, { name: "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", }, { name: "FEDORA-2023-470c7ea49e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/", }, { name: "FEDORA-2023-e3c8abd37e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/", }, { name: "FEDORA-2023-1068309389", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/", }, { name: "FEDORA-2023-3ec32f6d4e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/", }, { name: "GLSA-202312-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-15", }, { name: "GLSA-202401-17", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202401-17", }, ], source: { advisory: "GHSA-j342-m5hw-rr3v", discovery: "UNKNOWN", }, title: "Bypass of safe.directory protections in Git", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-29187", datePublished: "2022-07-12T00:00:00", dateReserved: "2022-04-13T00:00:00", dateUpdated: "2024-08-03T06:17:54.233Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-32465
Vulnerability from cvelistv5
Published
2024-05-14 19:18
Modified
2025-02-13 17:52
Severity ?
EPSS score ?
Summary
Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but vulnerabilities allow those protections to be bypassed. In the context of cloning local repositories owned by other users, this vulnerability has been covered in CVE-2024-32004. But there are circumstances where the fixes for CVE-2024-32004 are not enough: For example, when obtaining a `.zip` file containing a full copy of a Git repository, it should not be trusted by default to be safe, as e.g. hooks could be configured to run within the context of that repository. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid using Git in repositories that have been obtained via archives from untrusted sources.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.45.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.44.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThanOrEqual: "2.43.4", status: "affected", version: "2.43.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThanOrEqual: "2.42.2", status: "affected", version: "2.42.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.41.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThanOrEqual: "2.40.2", status: "affected", version: "2.40.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.39.4", status: "affected", version: "2.39.4*", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-32465", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-15T14:24:08.045336Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-04T17:51:48.675Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T02:13:39.839Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4", }, { name: "https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7", }, { name: "https://git-scm.com/docs/git#_security", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git-scm.com/docs/git#_security", }, { name: "https://git-scm.com/docs/git-clone", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git-scm.com/docs/git-clone", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "= 2.45.0", }, { status: "affected", version: "= 2.44.0", }, { status: "affected", version: ">= 2.43.0, < 2.43.4", }, { status: "affected", version: ">= 2.42.0, < 2.42.2", }, { status: "affected", version: "= 2.41.0", }, { status: "affected", version: ">= 2.40.0, < 2.40.2", }, { status: "affected", version: "< 2.39.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but vulnerabilities allow those protections to be bypassed. In the context of cloning local repositories owned by other users, this vulnerability has been covered in CVE-2024-32004. But there are circumstances where the fixes for CVE-2024-32004 are not enough: For example, when obtaining a `.zip` file containing a full copy of a Git repository, it should not be trusted by default to be safe, as e.g. hooks could be configured to run within the context of that repository. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid using Git in repositories that have been obtained via archives from untrusted sources.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "PHYSICAL", availabilityImpact: "HIGH", baseScore: 7.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-26T10:05:55.929Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4", }, { name: "https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7", }, { name: "https://git-scm.com/docs/git#_security", tags: [ "x_refsource_MISC", ], url: "https://git-scm.com/docs/git#_security", }, { name: "https://git-scm.com/docs/git-clone", tags: [ "x_refsource_MISC", ], url: "https://git-scm.com/docs/git-clone", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], source: { advisory: "GHSA-vm9j-46j9-qvq4", discovery: "UNKNOWN", }, title: "Git's protections for cloning untrusted repositories can be bypassed", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-32465", datePublished: "2024-05-14T19:18:33.914Z", dateReserved: "2024-04-12T19:41:51.165Z", dateUpdated: "2025-02-13T17:52:12.757Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-52006
Vulnerability from cvelistv5
Published
2025-01-14 18:39
Modified
2025-01-21 17:03
Severity ?
EPSS score ?
Summary
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way. This issue has been addressed in commit `b01b9b8` which is included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp | x_refsource_CONFIRM | |
| https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g | x_refsource_MISC | |
| https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q | x_refsource_MISC | |
| https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2024-52006", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2025-01-14T18:52:03.897787Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-01-14T18:52:11.014Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "<= 2.40.3", }, { status: "affected", version: ">= 2.41.0, <= 2.41.2", }, { status: "affected", version: ">= 2.42.0, <= 2.42.3", }, { status: "affected", version: ">= 2.43.0, <= 2.43.5", }, { status: "affected", version: ">= 2.44.0, <= 2.44.2", }, { status: "affected", version: ">= 2.45.0, <= 2.45.2", }, { status: "affected", version: ">= 2.46.0, <= 2.46.2", }, { status: "affected", version: ">= 2.47.0, < 2.47.2", }, { status: "affected", version: "= 2.48.0", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems (most notably, .NET and node.js) interpret single Carriage Return characters as newlines, which renders the protections against CVE-2020-5260 incomplete for credential helpers that treat Carriage Returns in this way. This issue has been addressed in commit `b01b9b8` which is included in release versions v2.48.1, v2.47.2, v2.46.3, v2.45.3, v2.44.3, v2.43.6, v2.42.4, v2.41.3, and v2.40.4. Users are advised to upgrade. Users unable to upgrade should avoid cloning from untrusted URLs, especially recursive clones.", }, ], metrics: [ { cvssV4_0: { attackComplexity: "LOW", attackRequirements: "PRESENT", attackVector: "NETWORK", baseScore: 2.1, baseSeverity: "LOW", privilegesRequired: "NONE", subAvailabilityImpact: "NONE", subConfidentialityImpact: "NONE", subIntegrityImpact: "NONE", userInteraction: "ACTIVE", vectorString: "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", version: "4.0", vulnAvailabilityImpact: "NONE", vulnConfidentialityImpact: "NONE", vulnIntegrityImpact: "LOW", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-116", description: "CWE-116: Improper Encoding or Escaping of Output", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-147", description: "CWE-147: Improper Neutralization of Input Terminators", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-150", description: "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-21T17:03:14.854Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp", }, { name: "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g", tags: [ "x_refsource_MISC", ], url: "https://github.com/git-ecosystem/git-credential-manager/security/advisories/GHSA-86c2-4x57-wc8g", }, { name: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { name: "https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060", }, ], source: { advisory: "GHSA-r5ph-xg7q-xfrp", discovery: "UNKNOWN", }, title: "Newline confusion in credential helpers can lead to credential exfiltration in git", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-52006", datePublished: "2025-01-14T18:39:52.748Z", dateReserved: "2024-11-04T17:46:16.779Z", dateUpdated: "2025-01-21T17:03:14.854Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-29007
Vulnerability from cvelistv5
Published
2023-04-25 20:09
Modified
2025-02-13 16:48
Severity ?
EPSS score ?
Summary
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| git | git |
Version: < 2.30.9 Version: >= 2.31.0, < 2.31.8 Version: >= 2.32.0, < 2.32.7 Version: >= 2.33.0, < 2.33.8 Version: >= 2.34.0, < 2.34.8 Version: >= 2.35.0, < 2.35.8 Version: >= 2.36.0, < 2.36.6 Version: >= 2.37.0, < 2.37.7 Version: >= 2.38.0, < 2.38.5 Version: >= 2.39.0, < 2.39.3 Version: >= 2.40.0, < 2.40.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T14:00:14.413Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844", }, { name: "https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4", }, { name: "https://github.com/git/git/blob/9ce9dea4e1c2419cca126d29fa7730baa078a11b/Documentation/RelNotes/2.30.9.txt", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/blob/9ce9dea4e1c2419cca126d29fa7730baa078a11b/Documentation/RelNotes/2.30.9.txt", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/", }, { tags: [ "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.30.9", }, { status: "affected", version: ">= 2.31.0, < 2.31.8", }, { status: "affected", version: ">= 2.32.0, < 2.32.7", }, { status: "affected", version: ">= 2.33.0, < 2.33.8", }, { status: "affected", version: ">= 2.34.0, < 2.34.8", }, { status: "affected", version: ">= 2.35.0, < 2.35.8", }, { status: "affected", version: ">= 2.36.0, < 2.36.6", }, { status: "affected", version: ">= 2.37.0, < 2.37.7", }, { status: "affected", version: ">= 2.38.0, < 2.38.5", }, { status: "affected", version: ">= 2.39.0, < 2.39.3", }, { status: "affected", version: ">= 2.40.0, < 2.40.1", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-74", description: "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-26T10:05:57.735Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-v48j-4xgg-4844", }, { name: "https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/528290f8c61222433a8cf02fb7cfffa8438432b4", }, { name: "https://github.com/git/git/blob/9ce9dea4e1c2419cca126d29fa7730baa078a11b/Documentation/RelNotes/2.30.9.txt", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/blob/9ce9dea4e1c2419cca126d29fa7730baa078a11b/Documentation/RelNotes/2.30.9.txt", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/", }, { url: "https://security.gentoo.org/glsa/202312-15", }, { url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], source: { advisory: "GHSA-v48j-4xgg-4844", discovery: "UNKNOWN", }, title: "Arbitrary configuration injection via `git submodule deinit`", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2023-29007", datePublished: "2023-04-25T20:09:52.182Z", dateReserved: "2023-03-29T17:39:16.142Z", dateUpdated: "2025-02-13T16:48:58.111Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2009-2108
Vulnerability from cvelistv5
Published
2009-06-18 18:00
Modified
2024-08-07 05:36
Severity ?
EPSS score ?
Summary
git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T05:36:20.990Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1022398", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1022398", }, { name: "ADV-2009-1579", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/1579", }, { name: "gitdaemon-xinetd-dos(51083)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/51083", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://thread.gmane.org/gmane.comp.version-control.git/120724", }, { name: "[fedora-security-list] 20090612 git daemon DoS", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-security-list/2009-June/msg00000.html", }, { name: "55034", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/55034", }, { name: "35730", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35730", }, { name: "FEDORA-2009-6839", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01126.html", }, { name: "FEDORA-2009-6936", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01056.html", }, { name: "35437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/35437", }, { name: "35338", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/35338", }, { name: "GLSA-200907-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200907-05.xml", }, { name: "MDVSA-2009:155", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:155", }, { name: "FEDORA-2009-6809", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01045.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://article.gmane.org/gmane.comp.version-control.git/120733", }, { name: "[oss-security] 20090612 Git daemon infinite loop", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/06/12/1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-06-05T00:00:00", descriptions: [ { lang: "en", value: "git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1022398", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1022398", }, { name: "ADV-2009-1579", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/1579", }, { name: "gitdaemon-xinetd-dos(51083)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/51083", }, { tags: [ "x_refsource_MISC", ], url: "http://thread.gmane.org/gmane.comp.version-control.git/120724", }, { name: "[fedora-security-list] 20090612 git daemon DoS", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://www.redhat.com/archives/fedora-security-list/2009-June/msg00000.html", }, { name: "55034", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/55034", }, { name: "35730", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35730", }, { name: "FEDORA-2009-6839", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01126.html", }, { name: "FEDORA-2009-6936", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01056.html", }, { name: "35437", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/35437", }, { name: "35338", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/35338", }, { name: "GLSA-200907-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200907-05.xml", }, { name: "MDVSA-2009:155", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:155", }, { name: "FEDORA-2009-6809", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01045.html", }, { tags: [ "x_refsource_MISC", ], url: "http://article.gmane.org/gmane.comp.version-control.git/120733", }, { name: "[oss-security] 20090612 Git daemon infinite loop", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/06/12/1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2009-2108", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1022398", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1022398", }, { name: "ADV-2009-1579", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2009/1579", }, { name: "gitdaemon-xinetd-dos(51083)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/51083", }, { name: "http://thread.gmane.org/gmane.comp.version-control.git/120724", refsource: "MISC", url: "http://thread.gmane.org/gmane.comp.version-control.git/120724", }, { name: "[fedora-security-list] 20090612 git daemon DoS", refsource: "MLIST", url: "https://www.redhat.com/archives/fedora-security-list/2009-June/msg00000.html", }, { name: "55034", refsource: "OSVDB", url: "http://osvdb.org/55034", }, { name: "35730", refsource: "SECUNIA", url: "http://secunia.com/advisories/35730", }, { name: "FEDORA-2009-6839", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01126.html", }, { name: "FEDORA-2009-6936", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01056.html", }, { name: "35437", refsource: "SECUNIA", url: "http://secunia.com/advisories/35437", }, { name: "35338", refsource: "BID", url: "http://www.securityfocus.com/bid/35338", }, { name: "GLSA-200907-05", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200907-05.xml", }, { name: "MDVSA-2009:155", refsource: "MANDRIVA", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2009:155", }, { name: "FEDORA-2009-6809", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2009-June/msg01045.html", }, { name: "http://article.gmane.org/gmane.comp.version-control.git/120733", refsource: "MISC", url: "http://article.gmane.org/gmane.comp.version-control.git/120733", }, { name: "[oss-security] 20090612 Git daemon infinite loop", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2009/06/12/1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2009-2108", datePublished: "2009-06-18T18:00:00", dateReserved: "2009-06-18T00:00:00", dateUpdated: "2024-08-07T05:36:20.990Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-21300
Vulnerability from cvelistv5
Published
2021-03-09 00:00
Modified
2024-08-03 18:09
Severity ?
EPSS score ?
Summary
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| git | git |
Version: >= 2.14.2, < 2.17.62.17.6 Version: >= 2.18.0, < 2.18.5 Version: >= 2.19.0, < 2.19.6 Version: >= 2.20.0, < 2.20.5 Version: >= 2.21.0, < 2.21.4 Version: >= 2.22.0, < 2.22.5 Version: >= 2.23.0, < 2.23.4 Version: >= 2.24.0, < 2.24.4 Version: >= 2.25.0, < 2.25.5 Version: >= 2.26.0, < 2.26.3 Version: >= 2.27.0, < 2.27.1 Version: >= 2.28.0, < 2.28.1 Version: >= 2.29.0, < 2.29.3 Version: >= 2.30.0, < 2.30.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T18:09:15.850Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-8prw-h3cq-mghm", }, { tags: [ "x_transferred", ], url: "https://lore.kernel.org/git/xmqqim6019yd.fsf%40gitster.c.googlers.com/", }, { tags: [ "x_transferred", ], url: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", }, { tags: [ "x_transferred", ], url: "https://git-scm.com/docs/gitattributes#_filter", }, { tags: [ "x_transferred", ], url: "https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592", }, { name: "[oss-security] 20210309 git: malicious repositories can execute remote code while cloning", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2021/03/09/3", }, { name: "FEDORA-2021-63fcbd126e", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCLJJLKKMS5WRFO6C475AOUZTWQLIARX/", }, { name: "FEDORA-2021-ffd0b2108d", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LMXX2POK5X576BSDWSXGU7EIK6I72ERU/", }, { name: "FEDORA-2021-03e61a6647", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BBPNGLQSYJHLZZ37BO42YY6S5OTIF4L4/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT212320", }, { name: "20210427 APPLE-SA-2021-04-26-10 Xcode 12.5", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2021/Apr/60", }, { name: "GLSA-202104-01", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202104-01", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/163978/Git-LFS-Clone-Command-Execution.html", }, { name: "[debian-lts-announce] 20221010 [SECURITY] [DLA 3145-1] git security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00014.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: ">= 2.14.2, < 2.17.62.17.6", }, { status: "affected", version: ">= 2.18.0, < 2.18.5", }, { status: "affected", version: ">= 2.19.0, < 2.19.6", }, { status: "affected", version: ">= 2.20.0, < 2.20.5", }, { status: "affected", version: ">= 2.21.0, < 2.21.4", }, { status: "affected", version: ">= 2.22.0, < 2.22.5", }, { status: "affected", version: ">= 2.23.0, < 2.23.4", }, { status: "affected", version: ">= 2.24.0, < 2.24.4", }, { status: "affected", version: ">= 2.25.0, < 2.25.5", }, { status: "affected", version: ">= 2.26.0, < 2.26.3", }, { status: "affected", version: ">= 2.27.0, < 2.27.1", }, { status: "affected", version: ">= 2.28.0, < 2.28.1", }, { status: "affected", version: ">= 2.29.0, < 2.29.3", }, { status: "affected", version: ">= 2.30.0, < 2.30.1", }, ], }, ], descriptions: [ { lang: "en", value: "Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. As a workaound, if symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. Likewise, if no clean/smudge filters such as Git LFS are configured globally (i.e. _before_ cloning), the attack is foiled. As always, it is best to avoid cloning repositories from untrusted sources. The earliest impacted version is 2.14.2. The fix versions are: 2.30.1, 2.29.3, 2.28.1, 2.27.1, 2.26.3, 2.25.5, 2.24.4, 2.23.4, 2.22.5, 2.21.4, 2.20.5, 2.19.6, 2.18.5, 2.17.62.17.6.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-59", description: "CWE-59 Improper Link Resolution Before File Access ('Link Following')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-11T00:00:00", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/git/git/security/advisories/GHSA-8prw-h3cq-mghm", }, { url: "https://lore.kernel.org/git/xmqqim6019yd.fsf%40gitster.c.googlers.com/", }, { url: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", }, { url: "https://git-scm.com/docs/gitattributes#_filter", }, { url: "https://github.com/git/git/commit/684dd4c2b414bcf648505e74498a608f28de4592", }, { name: "[oss-security] 20210309 git: malicious repositories can execute remote code while cloning", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2021/03/09/3", }, { name: "FEDORA-2021-63fcbd126e", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCLJJLKKMS5WRFO6C475AOUZTWQLIARX/", }, { name: "FEDORA-2021-ffd0b2108d", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LMXX2POK5X576BSDWSXGU7EIK6I72ERU/", }, { name: "FEDORA-2021-03e61a6647", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BBPNGLQSYJHLZZ37BO42YY6S5OTIF4L4/", }, { url: "https://support.apple.com/kb/HT212320", }, { name: "20210427 APPLE-SA-2021-04-26-10 Xcode 12.5", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2021/Apr/60", }, { name: "GLSA-202104-01", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202104-01", }, { url: "http://packetstormsecurity.com/files/163978/Git-LFS-Clone-Command-Execution.html", }, { name: "[debian-lts-announce] 20221010 [SECURITY] [DLA 3145-1] git security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00014.html", }, ], source: { advisory: "GHSA-8prw-h3cq-mghm", discovery: "UNKNOWN", }, title: "malicious repositories can execute remote code while cloning", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2021-21300", datePublished: "2021-03-09T00:00:00", dateReserved: "2020-12-22T00:00:00", dateUpdated: "2024-08-03T18:09:15.850Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-3546
Vulnerability from cvelistv5
Published
2008-08-07 21:00
Modified
2024-08-07 09:45
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T09:45:18.573Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20080812 rPSA-2008-0253-1 git gitweb", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt", }, { name: "32029", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32029", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253", }, { name: "git-multiple-bo(44217)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33964", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2707", }, { name: "31347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31347", }, { name: "GLSA-200809-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200809-16.xml", }, { name: "DSA-1637", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1637", }, { name: "[git] 20080716 [PATCH] Fix buffer overflow in git diff", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284", }, { name: "FEDORA-2008-9080", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html", }, { name: "32384", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32384", }, { name: "30549", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/30549", }, { name: "ADV-2008-2306", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2306", }, { name: "1020627", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1020627", }, { name: "31780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31780", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-07-20T00:00:00", descriptions: [ { lang: "en", value: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20080812 rPSA-2008-0253-1 git gitweb", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt", }, { name: "32029", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32029", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253", }, { name: "git-multiple-bo(44217)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33964", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-2707", }, { name: "31347", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31347", }, { name: "GLSA-200809-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200809-16.xml", }, { name: "DSA-1637", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1637", }, { name: "[git] 20080716 [PATCH] Fix buffer overflow in git diff", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284", }, { name: "FEDORA-2008-9080", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html", }, { name: "32384", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32384", }, { name: "30549", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/30549", }, { name: "ADV-2008-2306", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2306", }, { name: "1020627", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1020627", }, { name: "31780", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31780", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-3546", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20080812 rPSA-2008-0253-1 git gitweb", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/495391/100/0/threaded", }, { name: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt", refsource: "CONFIRM", url: "http://www.kernel.org/pub/software/scm/git/docs/RelNotes-1.5.6.4.txt", }, { name: "32029", refsource: "SECUNIA", url: "http://secunia.com/advisories/32029", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2008-0253", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0253", }, { name: "git-multiple-bo(44217)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/44217", }, { name: "33964", refsource: "SECUNIA", url: "http://secunia.com/advisories/33964", }, { name: "https://issues.rpath.com/browse/RPL-2707", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-2707", }, { name: "31347", refsource: "SECUNIA", url: "http://secunia.com/advisories/31347", }, { name: "GLSA-200809-16", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200809-16.xml", }, { name: "DSA-1637", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1637", }, { name: "[git] 20080716 [PATCH] Fix buffer overflow in git diff", refsource: "MLIST", url: "http://kerneltrap.org/mailarchive/git/2008/7/16/2529284", }, { name: "FEDORA-2008-9080", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00729.html", }, { name: "32384", refsource: "SECUNIA", url: "http://secunia.com/advisories/32384", }, { name: "30549", refsource: "BID", url: "http://www.securityfocus.com/bid/30549", }, { name: "ADV-2008-2306", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2306", }, { name: "1020627", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1020627", }, { name: "31780", refsource: "SECUNIA", url: "http://secunia.com/advisories/31780", }, { name: "USN-723-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-723-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-3546", datePublished: "2008-08-07T21:00:00", dateReserved: "2008-08-07T00:00:00", dateUpdated: "2024-08-07T09:45:18.573Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39253
Vulnerability from cvelistv5
Published
2022-10-19 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via `--no-hardlinks`). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the `--recurse-submodules` option. Git does not create symbolic links in the `$GIT_DIR/objects` directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the `--local` optimization when on a shared machine, either by passing the `--no-local` option to `git clone` or cloning from a URL that uses the `file://` scheme. Alternatively, avoid cloning repositories from untrusted sources with `--recurse-submodules` or run `git config --global protocol.file.allow user`.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:43.267Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85", }, { name: "FEDORA-2022-12790ca71a", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VFYXCTLOSESYIP72BUYD6ECDIMUM4WMB/", }, { name: "FEDORA-2022-8b58806840", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213496", }, { name: "FEDORA-2022-53aadd995f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/", }, { name: "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Nov/1", }, { name: "FEDORA-2022-2c33bba286", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMQWGMDLX6KTVWW5JZLVPI7ICAK72TN7/", }, { name: "FEDORA-2022-fb088df94c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/", }, { name: "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", }, { name: "[oss-security] 20230214 [Announce] Git 2.39.2 and friends", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/02/14/5", }, { name: "GLSA-202312-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, { name: "[oss-security] 20240514 git: 5 vulnerabilities fixed", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.30.6", }, { status: "affected", version: "< 2.31.5", }, { status: "affected", version: "< 2.32.4", }, { status: "affected", version: "< 2.33.5", }, { status: "affected", version: "< 2.34.5", }, { status: "affected", version: "< 2.35.5", }, { status: "affected", version: "< 2.36.3", }, { status: "affected", version: "< 2.37.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of the source's `$GIT_DIR/objects` directory into the destination by either creating hardlinks to the source contents, or copying them (if hardlinks are disabled via `--no-hardlinks`). A malicious actor could convince a victim to clone a repository with a symbolic link pointing at sensitive information on the victim's machine. This can be done either by having the victim clone a malicious repository on the same machine, or having them clone a malicious repository embedded as a bare repository via a submodule from any source, provided they clone with the `--recurse-submodules` option. Git does not create symbolic links in the `$GIT_DIR/objects` directory. The problem has been patched in the versions published on 2022-10-18, and backported to v2.30.x. Potential workarounds: Avoid cloning untrusted repositories using the `--local` optimization when on a shared machine, either by passing the `--no-local` option to `git clone` or cloning from a URL that uses the `file://` scheme. Alternatively, avoid cloning repositories from untrusted sources with `--recurse-submodules` or run `git config --global protocol.file.allow user`.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-200", description: "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-10T17:14:58.362681", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85", }, { name: "FEDORA-2022-12790ca71a", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VFYXCTLOSESYIP72BUYD6ECDIMUM4WMB/", }, { name: "FEDORA-2022-8b58806840", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/", }, { url: "https://support.apple.com/kb/HT213496", }, { name: "FEDORA-2022-53aadd995f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/", }, { name: "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Nov/1", }, { name: "FEDORA-2022-2c33bba286", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMQWGMDLX6KTVWW5JZLVPI7ICAK72TN7/", }, { name: "FEDORA-2022-fb088df94c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/", }, { name: "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", }, { name: "[oss-security] 20230214 [Announce] Git 2.39.2 and friends", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/02/14/5", }, { name: "GLSA-202312-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-15", }, { name: "[oss-security] 20240514 git: 5 vulnerabilities fixed", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, ], source: { advisory: "GHSA-3wp6-j8xr-qw85", discovery: "UNKNOWN", }, title: "Git subject to exposure of sensitive information via local clone of symbolic links", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39253", datePublished: "2022-10-19T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T12:00:43.267Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-39260
Vulnerability from cvelistv5
Published
2022-10-19 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:00:43.573Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6", }, { name: "FEDORA-2022-8b58806840", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT213496", }, { name: "FEDORA-2022-53aadd995f", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/", }, { name: "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2022/Nov/1", }, { name: "FEDORA-2022-fb088df94c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/", }, { name: "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", }, { name: "GLSA-202312-15", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-15", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.30.6", }, { status: "affected", version: "> 2.31.0, < 2.31.5", }, { status: "affected", version: "> 2.32.0, < 2.32.4", }, { status: "affected", version: "> 2.33.0, < 2.33.5", }, { status: "affected", version: "> 2.34.0, < 2.34.5", }, { status: "affected", version: "> 2.34.0, < 2.35.5", }, { status: "affected", version: "> 2.35.0, < 2.36.3", }, { status: "affected", version: "> 2.37.0, < 2.37.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int` to represent the number of entries in the array, allowing a malicious actor to intentionally overflow the return value, leading to arbitrary heap writes. Because the resulting array is then passed to `execv()`, it is possible to leverage this attack to gain remote code execution on a victim machine. Note that a victim must first allow access to `git shell` as a login shell in order to be vulnerable to this attack. This problem is patched in versions 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 and users are advised to upgrade to the latest version. Disabling `git shell` access via remote logins is a viable short-term workaround.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-787", description: "CWE-787: Out-of-bounds Write", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-122", description: "CWE-122: Heap-based Buffer Overflow", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2023-12-27T10:06:16.422068", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { url: "https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6", }, { name: "FEDORA-2022-8b58806840", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UKFHE4KVD7EKS5J3KTDFVBEKU3CLXGVV/", }, { url: "https://support.apple.com/kb/HT213496", }, { name: "FEDORA-2022-53aadd995f", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHNO2FB55CPX47BAXMBWUBGWHO6N6ZZH/", }, { name: "20221107 APPLE-SA-2022-11-01-1 Xcode 14.1", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2022/Nov/1", }, { name: "FEDORA-2022-fb088df94c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C7B6JPKX5CGGLAHXJVQMIZNNEEB72FHD/", }, { name: "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", }, { name: "GLSA-202312-15", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-15", }, ], source: { advisory: "GHSA-rjr6-wcq6-83p6", discovery: "UNKNOWN", }, title: "Git vulnerable to Remote Code Execution via Heap overflow in `git shell`", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2022-39260", datePublished: "2022-10-19T00:00:00", dateReserved: "2022-09-02T00:00:00", dateUpdated: "2024-08-03T12:00:43.573Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-5260
Vulnerability from cvelistv5
Published
2020-04-14 22:50
Modified
2024-08-04 08:22
Severity ?
EPSS score ?
Summary
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| git | git |
Version: < 2.17.4 Version: >= 2.18.0, < 2.18.3 Version: >= 2.19.0, 2.19.4 Version: >= 2.20.0, < 2.20.3 Version: >= 2.21.0, < 2.21.2 Version: >= 2.22.0, < 2.22.3 Version: >= 2.23.0, < 2.23.2 Version: >= 2.24.0, < 2.24.2 Version: >= 2.25.0, < 2.25.3 Version: >= 2.26.0, < 2.26.1 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T08:22:09.095Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/", }, { name: "DSA-4657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2020/dsa-4657", }, { name: "[debian-lts-announce] 20200415 [SECURITY] [DLA 2177-1] git security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html", }, { name: "[oss-security] 20200415 CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/5", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html", }, { name: "[oss-security] 20200415 Re: CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/6", }, { name: "openSUSE-SU-2020:0524", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT211141", }, { name: "FEDORA-2020-cdef88bb89", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/", }, { name: "[oss-security] 20200420 CVE-2020-11008: Git: Malicious URLs can still cause Git to send a stored credential to the wrong server", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2020/04/20/1", }, { name: "GLSA-202004-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202004-13", }, { name: "FEDORA-2020-c6548b488f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/", }, { name: "FEDORA-2020-f6b3b6fb18", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { name: "FEDORA-2020-b2a2c830cf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { name: "USN-4329-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4329-1/", }, { name: "FEDORA-2020-4e093619bb", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { name: "openSUSE-SU-2020:0598", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.17.4", }, { status: "affected", version: ">= 2.18.0, < 2.18.3", }, { status: "affected", version: ">= 2.19.0, 2.19.4", }, { status: "affected", version: ">= 2.20.0, < 2.20.3", }, { status: "affected", version: ">= 2.21.0, < 2.21.2", }, { status: "affected", version: ">= 2.22.0, < 2.22.3", }, { status: "affected", version: ">= 2.23.0, < 2.23.2", }, { status: "affected", version: ">= 2.24.0, < 2.24.2", }, { status: "affected", version: ">= 2.25.0, < 2.25.3", }, { status: "affected", version: ">= 2.26.0, < 2.26.1", }, ], }, ], descriptions: [ { lang: "en", value: "Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external \"credential helper\" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-06T18:06:08", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b", }, { tags: [ "x_refsource_MISC", ], url: "https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/", }, { name: "DSA-4657", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2020/dsa-4657", }, { name: "[debian-lts-announce] 20200415 [SECURITY] [DLA 2177-1] git security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html", }, { name: "[oss-security] 20200415 CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/5", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html", }, { name: "[oss-security] 20200415 Re: CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/04/15/6", }, { name: "openSUSE-SU-2020:0524", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT211141", }, { name: "FEDORA-2020-cdef88bb89", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/", }, { name: "[oss-security] 20200420 CVE-2020-11008: Git: Malicious URLs can still cause Git to send a stored credential to the wrong server", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2020/04/20/1", }, { name: "GLSA-202004-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202004-13", }, { name: "FEDORA-2020-c6548b488f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/", }, { name: "FEDORA-2020-f6b3b6fb18", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { name: "FEDORA-2020-b2a2c830cf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { name: "USN-4329-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4329-1/", }, { name: "FEDORA-2020-4e093619bb", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { name: "openSUSE-SU-2020:0598", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, ], source: { advisory: "GHSA-qm7j-c969-7j4q", discovery: "UNKNOWN", }, title: "malicious URLs may cause Git to present stored credentials to the wrong server", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2020-5260", STATE: "PUBLIC", TITLE: "malicious URLs may cause Git to present stored credentials to the wrong server", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "git", version: { version_data: [ { version_value: "< 2.17.4", }, { version_value: ">= 2.18.0, < 2.18.3", }, { version_value: ">= 2.19.0, 2.19.4", }, { version_value: ">= 2.20.0, < 2.20.3", }, { version_value: ">= 2.21.0, < 2.21.2", }, { version_value: ">= 2.22.0, < 2.22.3", }, { version_value: ">= 2.23.0, < 2.23.2", }, { version_value: ">= 2.24.0, < 2.24.2", }, { version_value: ">= 2.25.0, < 2.25.3", }, { version_value: ">= 2.26.0, < 2.26.1", }, ], }, }, ], }, vendor_name: "git", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external \"credential helper\" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1.", }, ], }, impact: { cvss: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 9.3, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", refsource: "CONFIRM", url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { name: "https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b", refsource: "MISC", url: "https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b", }, { name: "https://lore.kernel.org/git/xmqqy2qy7xn8.fsf@gitster.c.googlers.com/", refsource: "MISC", url: "https://lore.kernel.org/git/xmqqy2qy7xn8.fsf@gitster.c.googlers.com/", }, { name: "DSA-4657", refsource: "DEBIAN", url: "https://www.debian.org/security/2020/dsa-4657", }, { name: "[debian-lts-announce] 20200415 [SECURITY] [DLA 2177-1] git security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html", }, { name: "[oss-security] 20200415 CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/04/15/5", }, { name: "http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html", }, { name: "[oss-security] 20200415 Re: CVE-2020-5260: Git: malicious URLs may cause Git to present stored credentials to the wrong server", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/04/15/6", }, { name: "openSUSE-SU-2020:0524", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html", }, { name: "https://support.apple.com/kb/HT211141", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT211141", }, { name: "FEDORA-2020-cdef88bb89", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/", }, { name: "[oss-security] 20200420 CVE-2020-11008: Git: Malicious URLs can still cause Git to send a stored credential to the wrong server", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2020/04/20/1", }, { name: "GLSA-202004-13", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202004-13", }, { name: "FEDORA-2020-c6548b488f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/", }, { name: "FEDORA-2020-f6b3b6fb18", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { name: "FEDORA-2020-b2a2c830cf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { name: "USN-4329-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4329-1/", }, { name: "FEDORA-2020-4e093619bb", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { name: "openSUSE-SU-2020:0598", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, ], }, source: { advisory: "GHSA-qm7j-c969-7j4q", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2020-5260", datePublished: "2020-04-14T22:50:12", dateReserved: "2020-01-02T00:00:00", dateUpdated: "2024-08-04T08:22:09.095Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-11008
Vulnerability from cvelistv5
Published
2020-04-21 18:40
Modified
2024-08-04 11:21
Severity ?
EPSS score ?
Summary
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching _any_ URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to `git clone`. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's "store" helper - Git's "cache" helper - the "osxkeychain" helper that ships in Git's "contrib" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| git | git |
Version: < 2.17.5 Version: >= 2.18.0, < 2.18.4 Version: >= 2.19.0, 2.19.5 Version: >= 2.20.0, < 2.20.4 Version: >= 2.21.0, < 2.21.3 Version: >= 2.22.0, < 2.22.4 Version: >= 2.23.0, < 2.23.3 Version: >= 2.24.0, < 2.24.3 Version: >= 2.25.0, < 2.25.4 Version: >= 2.26.0, < 2.26.2 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T11:21:14.528Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/c44088ecc4b0722636e0a305f9608d3047197282", }, { name: "GLSA-202004-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202004-13", }, { name: "[debian-lts-announce] 20200424 [SECURITY] [DLA 2182-1] git security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00015.html", }, { name: "FEDORA-2020-f6b3b6fb18", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { name: "FEDORA-2020-b2a2c830cf", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { name: "USN-4334-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "https://usn.ubuntu.com/4334-1/", }, { name: "FEDORA-2020-4e093619bb", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { name: "openSUSE-SU-2020:0598", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT211183", }, { name: "20200522 APPLE-SA-2020-05-20-1 Xcode 11.5", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2020/May/41", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "< 2.17.5", }, { status: "affected", version: ">= 2.18.0, < 2.18.4", }, { status: "affected", version: ">= 2.19.0, 2.19.5", }, { status: "affected", version: ">= 2.20.0, < 2.20.4", }, { status: "affected", version: ">= 2.21.0, < 2.21.3", }, { status: "affected", version: ">= 2.22.0, < 2.22.4", }, { status: "affected", version: ">= 2.23.0, < 2.23.3", }, { status: "affected", version: ">= 2.24.0, < 2.24.3", }, { status: "affected", version: ">= 2.25.0, < 2.25.4", }, { status: "affected", version: ">= 2.26.0, < 2.26.2", }, ], }, ], descriptions: [ { lang: "en", value: "Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external \"credential helper\" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a \"blank\" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching _any_ URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to `git clone`. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's \"store\" helper - Git's \"cache\" helper - the \"osxkeychain\" helper that ships in Git's \"contrib\" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-20", description: "CWE-20: Improper Input Validation", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-05-22T18:06:08", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/c44088ecc4b0722636e0a305f9608d3047197282", }, { name: "GLSA-202004-13", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202004-13", }, { name: "[debian-lts-announce] 20200424 [SECURITY] [DLA 2182-1] git security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00015.html", }, { name: "FEDORA-2020-f6b3b6fb18", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { name: "FEDORA-2020-b2a2c830cf", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { name: "USN-4334-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "https://usn.ubuntu.com/4334-1/", }, { name: "FEDORA-2020-4e093619bb", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { name: "openSUSE-SU-2020:0598", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT211183", }, { name: "20200522 APPLE-SA-2020-05-20-1 Xcode 11.5", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2020/May/41", }, ], source: { advisory: "GHSA-hjc9-x69f-jqj7", discovery: "UNKNOWN", }, title: "Malicious URLs can still cause Git to send a stored credential to the wrong server", x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security-advisories@github.com", ID: "CVE-2020-11008", STATE: "PUBLIC", TITLE: "Malicious URLs can still cause Git to send a stored credential to the wrong server", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "git", version: { version_data: [ { version_value: "< 2.17.5", }, { version_value: ">= 2.18.0, < 2.18.4", }, { version_value: ">= 2.19.0, 2.19.5", }, { version_value: ">= 2.20.0, < 2.20.4", }, { version_value: ">= 2.21.0, < 2.21.3", }, { version_value: ">= 2.22.0, < 2.22.4", }, { version_value: ">= 2.23.0, < 2.23.3", }, { version_value: ">= 2.24.0, < 2.24.3", }, { version_value: ">= 2.25.0, < 2.25.4", }, { version_value: ">= 2.26.0, < 2.26.2", }, ], }, }, ], }, vendor_name: "git", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external \"credential helper\" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a \"blank\" pattern to helpers, missing hostname and protocol fields. Many helpers will interpret this as matching _any_ URL, and will return some unspecified stored password, leaking the password to an attacker's server. The vulnerability can be triggered by feeding a malicious URL to `git clone`. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The root of the problem is in Git itself, which should not be feeding blank input to helpers. However, the ability to exploit the vulnerability in practice depends on which helpers are in use. Credential helpers which are known to trigger the vulnerability: - Git's \"store\" helper - Git's \"cache\" helper - the \"osxkeychain\" helper that ships in Git's \"contrib\" directory Credential helpers which are known to be safe even with vulnerable versions of Git: - Git Credential Manager for Windows Any helper not in this list should be assumed to trigger the vulnerability.", }, ], }, impact: { cvss: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-20: Improper Input Validation", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7", refsource: "CONFIRM", url: "https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7", }, { name: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", refsource: "MISC", url: "https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q", }, { name: "https://github.com/git/git/commit/c44088ecc4b0722636e0a305f9608d3047197282", refsource: "MISC", url: "https://github.com/git/git/commit/c44088ecc4b0722636e0a305f9608d3047197282", }, { name: "GLSA-202004-13", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202004-13", }, { name: "[debian-lts-announce] 20200424 [SECURITY] [DLA 2182-1] git security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2020/04/msg00015.html", }, { name: "FEDORA-2020-f6b3b6fb18", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/", }, { name: "FEDORA-2020-b2a2c830cf", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/", }, { name: "USN-4334-1", refsource: "UBUNTU", url: "https://usn.ubuntu.com/4334-1/", }, { name: "FEDORA-2020-4e093619bb", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/", }, { name: "openSUSE-SU-2020:0598", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html", }, { name: "https://support.apple.com/kb/HT211183", refsource: "CONFIRM", url: "https://support.apple.com/kb/HT211183", }, { name: "20200522 APPLE-SA-2020-05-20-1 Xcode 11.5", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2020/May/41", }, ], }, source: { advisory: "GHSA-hjc9-x69f-jqj7", discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2020-11008", datePublished: "2020-04-21T18:40:13", dateReserved: "2020-03-30T00:00:00", dateUpdated: "2024-08-04T11:21:14.528Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-0477
Vulnerability from cvelistv5
Published
2006-01-31 11:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lwn.net/Articles/169623/ | x_refsource_CONFIRM | |
| http://secunia.com/advisories/18643 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/16417 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24360 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2006/0367 | vdb-entry, x_refsource_VUPEN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:34:14.799Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://lwn.net/Articles/169623/", }, { name: "18643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18643", }, { name: "16417", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/16417", }, { name: "git-gitcheckoutindex-bo(24360)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24360", }, { name: "ADV-2006-0367", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/0367", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-01-27T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-19T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://lwn.net/Articles/169623/", }, { name: "18643", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18643", }, { name: "16417", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/16417", }, { name: "git-gitcheckoutindex-bo(24360)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24360", }, { name: "ADV-2006-0367", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/0367", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0477", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://lwn.net/Articles/169623/", refsource: "CONFIRM", url: "http://lwn.net/Articles/169623/", }, { name: "18643", refsource: "SECUNIA", url: "http://secunia.com/advisories/18643", }, { name: "16417", refsource: "BID", url: "http://www.securityfocus.com/bid/16417", }, { name: "git-gitcheckoutindex-bo(24360)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24360", }, { name: "ADV-2006-0367", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/0367", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-0477", datePublished: "2006-01-31T11:00:00", dateReserved: "2006-01-31T00:00:00", dateUpdated: "2024-08-07T16:34:14.799Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-5916
Vulnerability from cvelistv5
Published
2009-01-21 02:00
Modified
2024-08-07 11:13
Severity ?
EPSS score ?
Summary
gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T11:13:13.759Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "git-gitweb-privilege-escalation(47528)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/47528", }, { name: "[oss-security] 20090120 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/20/2", }, { name: "50918", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/50918", }, { name: "33282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33282", }, { name: "GLSA-200903-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { name: "34194", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34194", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33964", }, { name: "[oss-security] 20090115 CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/15/2", }, { name: "[linux-kernel] 20081220 [Security] gitweb local privilege escalation (fix)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://marc.info/?l=linux-kernel&m=122975564100863&w=2:", }, { name: "FEDORA-2008-11650", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01169.html", }, { name: "FEDORA-2008-11653", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01170.html", }, { name: "4922", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/4922", }, { name: "[git] 20081220 [Security] gitweb local privilege escalation (fix)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://marc.info/?l=git&m=122975564100860&w=2", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-12-20T00:00:00", descriptions: [ { lang: "en", value: "gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-07T12:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "git-gitweb-privilege-escalation(47528)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/47528", }, { name: "[oss-security] 20090120 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/20/2", }, { name: "50918", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/50918", }, { name: "33282", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33282", }, { name: "GLSA-200903-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { name: "34194", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34194", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33964", }, { name: "[oss-security] 20090115 CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/15/2", }, { name: "[linux-kernel] 20081220 [Security] gitweb local privilege escalation (fix)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://marc.info/?l=linux-kernel&m=122975564100863&w=2:", }, { name: "FEDORA-2008-11650", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01169.html", }, { name: "FEDORA-2008-11653", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01170.html", }, { name: "4922", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/4922", }, { name: "[git] 20081220 [Security] gitweb local privilege escalation (fix)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://marc.info/?l=git&m=122975564100860&w=2", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-5916", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "git-gitweb-privilege-escalation(47528)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/47528", }, { name: "[oss-security] 20090120 Re: CVE request -- git", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2009/01/20/2", }, { name: "50918", refsource: "OSVDB", url: "http://osvdb.org/50918", }, { name: "33282", refsource: "SECUNIA", url: "http://secunia.com/advisories/33282", }, { name: "GLSA-200903-15", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { name: "34194", refsource: "SECUNIA", url: "http://secunia.com/advisories/34194", }, { name: "33964", refsource: "SECUNIA", url: "http://secunia.com/advisories/33964", }, { name: "[oss-security] 20090115 CVE request -- git", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2009/01/15/2", }, { name: "[linux-kernel] 20081220 [Security] gitweb local privilege escalation (fix)", refsource: "MLIST", url: "http://marc.info/?l=linux-kernel&m=122975564100863&w=2:", }, { name: "FEDORA-2008-11650", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01169.html", }, { name: "FEDORA-2008-11653", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-December/msg01170.html", }, { name: "4922", refsource: "SREASON", url: "http://securityreason.com/securityalert/4922", }, { name: "[git] 20081220 [Security] gitweb local privilege escalation (fix)", refsource: "MLIST", url: "http://marc.info/?l=git&m=122975564100860&w=2", }, { name: "USN-723-1", refsource: "UBUNTU", url: "http://www.ubuntu.com/usn/USN-723-1", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-5916", datePublished: "2009-01-21T02:00:00", dateReserved: "2009-01-20T00:00:00", dateUpdated: "2024-08-07T11:13:13.759Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-32021
Vulnerability from cvelistv5
Published
2024-05-14 19:15
Modified
2025-02-13 17:52
Severity ?
EPSS score ?
Summary
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning
will be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.39.4", status: "affected", version: "0", versionType: "custom", }, { lessThan: "2.40.2", status: "affected", version: "2.40.0", versionType: "custom", }, { lessThan: "2.41.1", status: "affected", version: "2.41.0", versionType: "custom", }, { lessThan: "2.42.2", status: "affected", version: "2.42.0", versionType: "custom", }, { lessThan: "2.43.4", status: "affected", version: "2.43.0", versionType: "custom", }, { lessThan: "2.44.1", status: "affected", version: "2.44.0", versionType: "custom", }, { lessThan: "2.45.1", status: "affected", version: "2.45.0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-32021", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-11T20:29:23.147248Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-11T20:39:28.890Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T01:59:50.833Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "= 2.45.0", }, { status: "affected", version: "= 2.44.0", }, { status: "affected", version: ">= 2.43.0, < 2.43.4", }, { status: "affected", version: ">= 2.42.0, < 2.42.2", }, { status: "affected", version: "= 2.41.0", }, { status: "affected", version: ">= 2.40.0, < 2.40.2", }, { status: "affected", version: "< 2.39.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as the target repository in the `objects/` directory. Cloning a local repository over the filesystem may creating hardlinks to arbitrary user-owned files on the same filesystem in the target Git repository's `objects/` directory. When cloning a repository over the filesystem (without explicitly specifying the `file://` protocol or `--no-local`), the optimizations for local cloning\nwill be used, which include attempting to hard link the object files instead of copying them. While the code includes checks against symbolic links in the source repository, which were added during the fix for CVE-2022-39253, these checks can still be raced because the hard link operation ultimately follows symlinks. If the object on the filesystem appears as a file during the check, and then a symlink during the operation, this will allow the adversary to bypass the check and create hardlinks in the destination objects directory to arbitrary, user-readable files. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "LOCAL", availabilityImpact: "LOW", baseScore: 3.9, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-547", description: "CWE-547: Use of Hard-coded, Security-relevant Constants", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-26T10:05:54.295Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], source: { advisory: "GHSA-mvxm-9j2h-qjx7", discovery: "UNKNOWN", }, title: "Local Git clone may hardlink arbitrary user-readable files into the new repository's \"objects/\" directory", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-32021", datePublished: "2024-05-14T19:15:28.534Z", dateReserved: "2024-04-09T15:29:35.937Z", dateUpdated: "2025-02-13T17:52:05.770Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-5516
Vulnerability from cvelistv5
Published
2009-01-20 16:00
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:56:46.863Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-1708", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2009/dsa-1708", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { name: "GLSA-200903-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { name: "ADV-2009-0175", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=c582abae", }, { name: "4919", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/4919", }, { name: "34194", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34194", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33964", }, { name: "SUSE-SR:2009:001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { name: "[oss-security] 20090123 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { name: "20090113 rPSA-2009-0005-1 git gitweb", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { name: "[oss-security] 20090120 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { name: "[oss-security] 20090121 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2936", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-01-13T00:00:00", descriptions: [ { lang: "en", value: "The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "DSA-1708", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2009/dsa-1708", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { name: "GLSA-200903-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { name: "ADV-2009-0175", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { tags: [ "x_refsource_MISC", ], url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=c582abae", }, { name: "4919", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/4919", }, { name: "34194", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34194", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33964", }, { name: "SUSE-SR:2009:001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { name: "[oss-security] 20090123 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { name: "20090113 rPSA-2009-0005-1 git gitweb", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { name: "[oss-security] 20090120 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { name: "[oss-security] 20090121 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-2936", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2008-5516", datePublished: "2009-01-20T16:00:00", dateReserved: "2008-12-12T00:00:00", dateUpdated: "2024-08-07T10:56:46.863Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-5517
Vulnerability from cvelistv5
Published
2009-01-13 16:00
Modified
2024-08-07 10:56
Severity ?
EPSS score ?
Summary
The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:56:46.681Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "DSA-1708", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2009/dsa-1708", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { name: "GLSA-200903-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { name: "ADV-2009-0175", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { name: "34194", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/34194", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/33964", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=516381d5", }, { name: "33215", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/33215", }, { name: "SUSE-SR:2009:001", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { name: "[oss-security] 20090123 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { name: "20090113 rPSA-2009-0005-1 git gitweb", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { name: "[oss-security] 20090120 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { name: "[oss-security] 20090121 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2936", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2009-01-12T00:00:00", descriptions: [ { lang: "en", value: "The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "DSA-1708", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2009/dsa-1708", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=479715", }, { name: "GLSA-200903-15", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200903-15.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2009-0005", }, { name: "ADV-2009-0175", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2009/0175", }, { name: "34194", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/34194", }, { name: "33964", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/33964", }, { tags: [ "x_refsource_MISC", ], url: "http://repo.or.cz/w/git.git?a=commitdiff%3Bh=516381d5", }, { name: "33215", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/33215", }, { name: "SUSE-SR:2009:001", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00002.html", }, { name: "[oss-security] 20090123 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/23/2", }, { name: "20090113 rPSA-2009-0005-1 git gitweb", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/500008/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330", }, { name: "[oss-security] 20090120 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/20/1", }, { name: "[oss-security] 20090121 Re: CVE request -- git", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2009/01/21/7", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-2936", }, { name: "USN-723-1", tags: [ "vendor-advisory", "x_refsource_UBUNTU", ], url: "http://www.ubuntu.com/usn/USN-723-1", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2008-5517", datePublished: "2009-01-13T16:00:00", dateReserved: "2008-12-12T00:00:00", dateUpdated: "2024-08-07T10:56:46.681Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2024-32002
Vulnerability from cvelistv5
Published
2024-05-14 18:40
Modified
2025-02-13 17:52
Severity ?
EPSS score ?
Summary
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.
References
Impacted products
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:git:git:2.45.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.45.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.44.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.44.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.43:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.43.4", status: "affected", version: "2.43", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.42.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.42.2", status: "affected", version: "2.42.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.41.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { status: "affected", version: "2.41.0", }, ], }, { cpes: [ "cpe:2.3:a:git:git:2.40.0:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.40.2", status: "affected", version: "2.40.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:git:git:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "git", vendor: "git", versions: [ { lessThan: "2.39.4", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2024-32002", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-05-29T14:18:00.384488Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-06T17:12:17.508Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-02T01:59:50.899Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv", tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv", }, { name: "https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d", }, { name: "https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt", }, { name: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", }, { tags: [ "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { tags: [ "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { tags: [ "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "git", vendor: "git", versions: [ { status: "affected", version: "= 2.45.0", }, { status: "affected", version: "= 2.44.0", }, { status: "affected", version: ">= 2.43.0, < 2.43.4", }, { status: "affected", version: ">= 2.42.0, < 2.42.2", }, { status: "affected", version: "= 2.41.0", }, { status: "affected", version: ">= 2.40.0, < 2.40.2", }, { status: "affected", version: "< 2.39.4", }, ], }, ], descriptions: [ { lang: "en", value: "Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-22", description: "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-434", description: "CWE-434: Unrestricted Upload of File with Dangerous Type", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-06-26T10:06:01.593Z", orgId: "a0819718-46f1-4df5-94e2-005712e83aaa", shortName: "GitHub_M", }, references: [ { name: "https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv", tags: [ "x_refsource_CONFIRM", ], url: "https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv", }, { name: "https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d", tags: [ "x_refsource_MISC", ], url: "https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d", }, { name: "https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt", tags: [ "x_refsource_MISC", ], url: "https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt", }, { name: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", tags: [ "x_refsource_MISC", ], url: "https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks", }, { url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/", }, { url: "http://www.openwall.com/lists/oss-security/2024/05/14/2", }, { url: "https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html", }, ], source: { advisory: "GHSA-8h77-4q3w-gfgv", discovery: "UNKNOWN", }, title: "Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution", }, }, cveMetadata: { assignerOrgId: "a0819718-46f1-4df5-94e2-005712e83aaa", assignerShortName: "GitHub_M", cveId: "CVE-2024-32002", datePublished: "2024-05-14T18:40:46.652Z", dateReserved: "2024-04-08T13:48:37.492Z", dateUpdated: "2025-02-13T17:52:02.266Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-201512-0156
Vulnerability from variot
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. Apple Xcode is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2015-12-08-6 Xcode 7.2
Xcode 7.2 is now available and addresses the following:
Git Available for: OS X Yosemite v10.10.5 or later Impact: Multiple vulnerabilities existed in Git Description: Multiple vulnerabilities existed in Git versions prior to 2.5.4. These were addressed by updating Git to version 2.5.4. CVE-ID CVE-2015-7082
IDE SCM Available for: OS X Yosemite v10.10.5 or later Impact: Intentionally untracked files may be uploaded to repositories Description: Xcode did not honor the .gitignore directive. This issue was addressed by adding support to honor .gitignore file. CVE-ID CVE-2015-7056 : Stephen Lardieri
otools Available for: OS X Yosemite v10.10.5 or later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team CVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team
Installation note:
Xcode 7.2 may be obtained from: https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "7.2".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau FNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4 Ofg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t 6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h 1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT rnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr HCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu PQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI gPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O pPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi 5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH ObtqW74YB0YXaiw1ckGl =FxUB -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0156", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "xcode", scope: "lte", trust: 1, vendor: "apple", version: "7.1.1", }, { model: "xcode", scope: "lt", trust: 0.8, vendor: "apple", version: "7.2 (os x yosemite v10.10.5 or later )", }, { model: "xcode", scope: "eq", trust: 0.6, vendor: "apple", version: "7.1.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.6.3.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.55", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.47", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.46", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.24", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.4.4.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.4.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11", }, { model: "git", scope: "ne", trust: 0.3, vendor: "git", version: "2.5.4", }, { model: "xcode", scope: "ne", trust: 0.3, vendor: "apple", version: "7.2", }, ], sources: [ { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "NVD", id: "CVE-2015-7057", }, { db: "CNNVD", id: "CNNVD-201512-346", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.1.1", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2015-7057", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stephen Lardieri and Proteas of Qihoo 360 Nirvan Team", sources: [ { db: "BID", id: "78727", }, ], trust: 0.3, }, cve: "CVE-2015-7057", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.6, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2015-7057", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.9, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "VHN-85018", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2015-7057", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201512-346", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-85018", trust: 0.1, value: "MEDIUM", }, { author: "VULMON", id: "CVE-2015-7057", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-85018", }, { db: "VULMON", id: "CVE-2015-7057", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "NVD", id: "CVE-2015-7057", }, { db: "CNNVD", id: "CNNVD-201512-346", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7049. Apple Xcode is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2015-12-08-6 Xcode 7.2\n\nXcode 7.2 is now available and addresses the following:\n\nGit\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Multiple vulnerabilities existed in Git\nDescription: Multiple vulnerabilities existed in Git versions prior\nto 2.5.4. These were addressed by updating Git to version 2.5.4. \nCVE-ID\nCVE-2015-7082\n\nIDE SCM\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Intentionally untracked files may be uploaded to\nrepositories\nDescription: Xcode did not honor the .gitignore directive. This\nissue was addressed by adding support to honor .gitignore file. \nCVE-ID\nCVE-2015-7056 : Stephen Lardieri\n\notools\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nprocessing of mach-o files. These issues were addressed through\nimproved memory handling. \nCVE-ID\nCVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team\nCVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team\n\nInstallation note:\n\nXcode 7.2 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"7.2\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau\nFNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4\nOfg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t\n6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h\n1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT\nrnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr\nHCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu\nPQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI\ngPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O\npPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi\n5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH\nObtqW74YB0YXaiw1ckGl\n=FxUB\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2015-7057", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "BID", id: "78727", }, { db: "VULHUB", id: "VHN-85018", }, { db: "VULMON", id: "CVE-2015-7057", }, { db: "PACKETSTORM", id: "134747", }, ], trust: 2.16, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2015-7057", trust: 3, }, { db: "SECTRACK", id: "1034340", trust: 1.2, }, { db: "JVN", id: "JVNVU97526033", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2015-006363", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201512-346", trust: 0.7, }, { db: "BID", id: "78727", trust: 0.4, }, { db: "VULHUB", id: "VHN-85018", trust: 0.1, }, { db: "VULMON", id: "CVE-2015-7057", trust: 0.1, }, { db: "PACKETSTORM", id: "134747", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-85018", }, { db: "VULMON", id: "CVE-2015-7057", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7057", }, { db: "CNNVD", id: "CNNVD-201512-346", }, ], }, id: "VAR-201512-0156", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-85018", }, ], trust: 0.01, }, last_update_date: "2023-12-18T11:40:51.243000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Apple security updates", trust: 0.8, url: "https://support.apple.com/en-us/ht201222", }, { title: "APPLE-SA-2015-12-08-6 Xcode 7.2", trust: 0.8, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { title: "HT205642", trust: 0.8, url: "https://support.apple.com/en-us/ht205642", }, { title: "HT205642", trust: 0.8, url: "http://support.apple.com/ja-jp/ht205642", }, { title: "Apple Xcode otools Buffer Overflow Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59164", }, { title: "Apple: Xcode 7.2", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=b0f396ef6a900924a1f83c1172e037b6", }, ], sources: [ { db: "VULMON", id: "CVE-2015-7057", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "CNNVD", id: "CNNVD-201512-346", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-85018", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "NVD", id: "CVE-2015-7057", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.8, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { trust: 1.8, url: "https://support.apple.com/ht205642", }, { trust: 1.2, url: "http://www.securitytracker.com/id/1034340", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7057", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu97526033/", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7057", }, { trust: 0.3, url: "http://git.or.cz/", }, { trust: 0.3, url: "http://www.apple.com/macosx/", }, { trust: 0.3, url: "https://developer.apple.com/xcode/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/119.html", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://support.apple.com/kb/ht205642", }, { trust: 0.1, url: "https://www.securityfocus.com/bid/78727", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7057", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7082", }, { trust: 0.1, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.1, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.1, url: "https://gpgtools.org", }, { trust: 0.1, url: "https://developer.apple.com/xcode/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7049", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7056", }, ], sources: [ { db: "VULHUB", id: "VHN-85018", }, { db: "VULMON", id: "CVE-2015-7057", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7057", }, { db: "CNNVD", id: "CNNVD-201512-346", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-85018", }, { db: "VULMON", id: "CVE-2015-7057", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006363", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7057", }, { db: "CNNVD", id: "CNNVD-201512-346", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-12-11T00:00:00", db: "VULHUB", id: "VHN-85018", }, { date: "2015-12-11T00:00:00", db: "VULMON", id: "CVE-2015-7057", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006363", }, { date: "2015-12-10T17:11:47", db: "PACKETSTORM", id: "134747", }, { date: "2015-12-11T11:59:23.117000", db: "NVD", id: "CVE-2015-7057", }, { date: "2015-12-14T00:00:00", db: "CNNVD", id: "CNNVD-201512-346", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-12-07T00:00:00", db: "VULHUB", id: "VHN-85018", }, { date: "2016-12-07T00:00:00", db: "VULMON", id: "CVE-2015-7057", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006363", }, { date: "2016-12-07T18:22:22.417000", db: "NVD", id: "CVE-2015-7057", }, { date: "2015-12-14T00:00:00", db: "CNNVD", id: "CNNVD-201512-346", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-201512-346", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apple Xcode of otools Vulnerability gained in", sources: [ { db: "JVNDB", id: "JVNDB-2015-006363", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-201512-346", }, ], trust: 0.6, }, }
var-201512-0148
Vulnerability from variot
otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057. Apple Xcode is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2015-12-08-6 Xcode 7.2
Xcode 7.2 is now available and addresses the following:
Git Available for: OS X Yosemite v10.10.5 or later Impact: Multiple vulnerabilities existed in Git Description: Multiple vulnerabilities existed in Git versions prior to 2.5.4. These were addressed by updating Git to version 2.5.4. CVE-ID CVE-2015-7082
IDE SCM Available for: OS X Yosemite v10.10.5 or later Impact: Intentionally untracked files may be uploaded to repositories Description: Xcode did not honor the .gitignore directive. This issue was addressed by adding support to honor .gitignore file. CVE-ID CVE-2015-7056 : Stephen Lardieri
otools Available for: OS X Yosemite v10.10.5 or later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team CVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team
Installation note:
Xcode 7.2 may be obtained from: https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "7.2".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau FNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4 Ofg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t 6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h 1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT rnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr HCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu PQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI gPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O pPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi 5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH ObtqW74YB0YXaiw1ckGl =FxUB -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0148", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "xcode", scope: "lte", trust: 1, vendor: "apple", version: "7.1.1", }, { model: "xcode", scope: "lt", trust: 0.8, vendor: "apple", version: "7.2 (os x yosemite v10.10.5 or later )", }, { model: "xcode", scope: "eq", trust: 0.6, vendor: "apple", version: "7.1.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.6.3.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.55", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.47", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.46", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.24", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.4.4.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.4.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11", }, { model: "git", scope: "ne", trust: 0.3, vendor: "git", version: "2.5.4", }, { model: "xcode", scope: "ne", trust: 0.3, vendor: "apple", version: "7.2", }, ], sources: [ { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "NVD", id: "CVE-2015-7049", }, { db: "CNNVD", id: "CNNVD-201512-339", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.1.1", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2015-7049", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stephen Lardieri and Proteas of Qihoo 360 Nirvan Team", sources: [ { db: "BID", id: "78727", }, ], trust: 0.3, }, cve: "CVE-2015-7049", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "NVD", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, impactScore: 6.4, integrityImpact: "PARTIAL", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Local", authentication: "None", author: "NVD", availabilityImpact: "Partial", baseScore: 4.6, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2015-7049", impactScore: null, integrityImpact: "Partial", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "LOCAL", authentication: "NONE", author: "VULHUB", availabilityImpact: "PARTIAL", baseScore: 4.6, confidentialityImpact: "PARTIAL", exploitabilityScore: 3.9, id: "VHN-85010", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "MEDIUM", trust: 0.1, vectorString: "AV:L/AC:L/AU:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2015-7049", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201512-339", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-85010", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-85010", }, { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "NVD", id: "CVE-2015-7049", }, { db: "CNNVD", id: "CNNVD-201512-339", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "otools in Apple Xcode before 7.2 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted mach-o file, a different vulnerability than CVE-2015-7057. Apple Xcode is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2015-12-08-6 Xcode 7.2\n\nXcode 7.2 is now available and addresses the following:\n\nGit\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Multiple vulnerabilities existed in Git\nDescription: Multiple vulnerabilities existed in Git versions prior\nto 2.5.4. These were addressed by updating Git to version 2.5.4. \nCVE-ID\nCVE-2015-7082\n\nIDE SCM\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Intentionally untracked files may be uploaded to\nrepositories\nDescription: Xcode did not honor the .gitignore directive. This\nissue was addressed by adding support to honor .gitignore file. \nCVE-ID\nCVE-2015-7056 : Stephen Lardieri\n\notools\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nprocessing of mach-o files. These issues were addressed through\nimproved memory handling. \nCVE-ID\nCVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team\nCVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team\n\nInstallation note:\n\nXcode 7.2 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"7.2\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau\nFNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4\nOfg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t\n6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h\n1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT\nrnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr\nHCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu\nPQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI\ngPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O\npPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi\n5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH\nObtqW74YB0YXaiw1ckGl\n=FxUB\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2015-7049", }, { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "BID", id: "78727", }, { db: "VULHUB", id: "VHN-85010", }, { db: "PACKETSTORM", id: "134747", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2015-7049", trust: 2.9, }, { db: "SECTRACK", id: "1034340", trust: 1.1, }, { db: "JVN", id: "JVNVU97526033", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2015-006361", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201512-339", trust: 0.7, }, { db: "BID", id: "78727", trust: 0.3, }, { db: "PACKETSTORM", id: "134747", trust: 0.2, }, { db: "VULHUB", id: "VHN-85010", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-85010", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7049", }, { db: "CNNVD", id: "CNNVD-201512-339", }, ], }, id: "VAR-201512-0148", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-85010", }, ], trust: 0.01, }, last_update_date: "2023-12-18T11:04:40.295000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Apple security updates", trust: 0.8, url: "https://support.apple.com/en-us/ht201222", }, { title: "APPLE-SA-2015-12-08-6 Xcode 7.2", trust: 0.8, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { title: "HT205642", trust: 0.8, url: "https://support.apple.com/en-us/ht205642", }, { title: "HT205642", trust: 0.8, url: "http://support.apple.com/ja-jp/ht205642", }, { title: "Apple Xcode otools Buffer Overflow Vulnerability Fix", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59157", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "CNNVD", id: "CNNVD-201512-339", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-119", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-85010", }, { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "NVD", id: "CVE-2015-7049", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { trust: 1.7, url: "https://support.apple.com/ht205642", }, { trust: 1.1, url: "http://www.securitytracker.com/id/1034340", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7049", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu97526033/", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7049", }, { trust: 0.3, url: "http://git.or.cz/", }, { trust: 0.3, url: "http://www.apple.com/macosx/", }, { trust: 0.3, url: "https://developer.apple.com/xcode/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7057", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7082", }, { trust: 0.1, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.1, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.1, url: "https://gpgtools.org", }, { trust: 0.1, url: "https://developer.apple.com/xcode/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7049", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7056", }, ], sources: [ { db: "VULHUB", id: "VHN-85010", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7049", }, { db: "CNNVD", id: "CNNVD-201512-339", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-85010", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006361", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7049", }, { db: "CNNVD", id: "CNNVD-201512-339", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-12-11T00:00:00", db: "VULHUB", id: "VHN-85010", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006361", }, { date: "2015-12-10T17:11:47", db: "PACKETSTORM", id: "134747", }, { date: "2015-12-11T11:59:15.193000", db: "NVD", id: "CVE-2015-7049", }, { date: "2015-12-14T00:00:00", db: "CNNVD", id: "CNNVD-201512-339", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-12-07T00:00:00", db: "VULHUB", id: "VHN-85010", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006361", }, { date: "2016-12-07T18:22:16.993000", db: "NVD", id: "CVE-2015-7049", }, { date: "2015-12-14T00:00:00", db: "CNNVD", id: "CNNVD-201512-339", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "local", sources: [ { db: "CNNVD", id: "CNNVD-201512-339", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apple Xcode of otools Vulnerability gained in", sources: [ { db: "JVNDB", id: "JVNDB-2015-006361", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "buffer overflow", sources: [ { db: "CNNVD", id: "CNNVD-201512-339", }, ], trust: 0.6, }, }
var-201512-0116
Vulnerability from variot
Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases. This vulnerability Xcode Relevant only when using.It may be affected unspecified. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. Git is a free and open source distributed version control system developed by American software developer Linus Torvalds. A security vulnerability exists in Git 2.5.3 and earlier versions used in Apple Xcode 7.1.1 and earlier versions. Attackers can exploit this vulnerability to cause unknown effects. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2015-12-08-6 Xcode 7.2
Xcode 7.2 is now available and addresses the following:
Git Available for: OS X Yosemite v10.10.5 or later Impact: Multiple vulnerabilities existed in Git Description: Multiple vulnerabilities existed in Git versions prior to 2.5.4. These were addressed by updating Git to version 2.5.4. CVE-ID CVE-2015-7082
IDE SCM Available for: OS X Yosemite v10.10.5 or later Impact: Intentionally untracked files may be uploaded to repositories Description: Xcode did not honor the .gitignore directive. This issue was addressed by adding support to honor .gitignore file. CVE-ID CVE-2015-7056 : Stephen Lardieri
otools Available for: OS X Yosemite v10.10.5 or later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team CVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team
Installation note:
Xcode 7.2 may be obtained from: https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "7.2".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau FNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4 Ofg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t 6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h 1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT rnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr HCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu PQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI gPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O pPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi 5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH ObtqW74YB0YXaiw1ckGl =FxUB -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0116", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "git", scope: "lte", trust: 1, vendor: "git", version: "2.5.3", }, { model: "git", scope: "eq", trust: 0.9, vendor: "git", version: "2.5.3", }, { model: "git", scope: "lt", trust: 0.8, vendor: "git", version: "2.5.4", }, { model: "xcode", scope: "lt", trust: 0.8, vendor: "apple", version: "7.2 (os x yosemite v10.10.5 or later )", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.6.3.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.55", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.47", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.46", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.24", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.4.4.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.4.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11", }, { model: "git", scope: "ne", trust: 0.3, vendor: "git", version: "2.5.4", }, { model: "xcode", scope: "ne", trust: 0.3, vendor: "apple", version: "7.2", }, ], sources: [ { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006364", }, { db: "NVD", id: "CVE-2015-7082", }, { db: "CNNVD", id: "CNNVD-201512-370", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:git_project:git:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "2.5.3", vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apple:xcode:7.1.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2015-7082", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stephen Lardieri and Proteas of Qihoo 360 Nirvan Team", sources: [ { db: "BID", id: "78727", }, ], trust: 0.3, }, cve: "CVE-2015-7082", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: true, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 10, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2015-7082", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", exploitabilityScore: 10, id: "VHN-85043", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2015-7082", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201512-370", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-85043", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-85043", }, { db: "JVNDB", id: "JVNDB-2015-006364", }, { db: "NVD", id: "CVE-2015-7082", }, { db: "CNNVD", id: "CNNVD-201512-370", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases. This vulnerability Xcode Relevant only when using.It may be affected unspecified. \nAttackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. Git is a free and open source distributed version control system developed by American software developer Linus Torvalds. A security vulnerability exists in Git 2.5.3 and earlier versions used in Apple Xcode 7.1.1 and earlier versions. Attackers can exploit this vulnerability to cause unknown effects. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2015-12-08-6 Xcode 7.2\n\nXcode 7.2 is now available and addresses the following:\n\nGit\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Multiple vulnerabilities existed in Git\nDescription: Multiple vulnerabilities existed in Git versions prior\nto 2.5.4. These were addressed by updating Git to version 2.5.4. \nCVE-ID\nCVE-2015-7082\n\nIDE SCM\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Intentionally untracked files may be uploaded to\nrepositories\nDescription: Xcode did not honor the .gitignore directive. This\nissue was addressed by adding support to honor .gitignore file. \nCVE-ID\nCVE-2015-7056 : Stephen Lardieri\n\notools\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nprocessing of mach-o files. These issues were addressed through\nimproved memory handling. \nCVE-ID\nCVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team\nCVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team\n\nInstallation note:\n\nXcode 7.2 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"7.2\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau\nFNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4\nOfg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t\n6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h\n1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT\nrnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr\nHCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu\nPQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI\ngPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O\npPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi\n5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH\nObtqW74YB0YXaiw1ckGl\n=FxUB\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2015-7082", }, { db: "JVNDB", id: "JVNDB-2015-006364", }, { db: "BID", id: "78727", }, { db: "VULHUB", id: "VHN-85043", }, { db: "PACKETSTORM", id: "134747", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2015-7082", trust: 2.9, }, { db: "SECTRACK", id: "1034340", trust: 1.1, }, { db: "JVN", id: "JVNVU97526033", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2015-006364", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201512-370", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2020.2340", trust: 0.6, }, { db: "BID", id: "78727", trust: 0.3, }, { db: "VULHUB", id: "VHN-85043", trust: 0.1, }, { db: "PACKETSTORM", id: "134747", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-85043", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006364", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7082", }, { db: "CNNVD", id: "CNNVD-201512-370", }, ], }, id: "VAR-201512-0116", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-85043", }, ], trust: 0.01, }, last_update_date: "2023-12-18T11:24:44.205000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Apple security updates", trust: 0.8, url: "https://support.apple.com/en-us/ht201222", }, { title: "APPLE-SA-2015-12-08-6 Xcode 7.2", trust: 0.8, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { title: "HT205642", trust: 0.8, url: "https://support.apple.com/en-us/ht205642", }, { title: "HT205642", trust: 0.8, url: "http://support.apple.com/ja-jp/ht205642", }, { title: "Git v2.5.4 Release Notes", trust: 0.8, url: "https://github.com/git/git/blob/master/documentation/relnotes/2.5.4.txt", }, { title: "Apple Xcode Git Security vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59188", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2015-006364", }, { db: "CNNVD", id: "CNNVD-201512-370", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "NVD-CWE-noinfo", trust: 1, }, ], sources: [ { db: "NVD", id: "CVE-2015-7082", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.1, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { trust: 1.1, url: "https://github.com/git/git/blob/master/documentation/relnotes/2.5.4.txt", }, { trust: 1.1, url: "https://support.apple.com/ht205642", }, { trust: 1.1, url: "http://www.securitytracker.com/id/1034340", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7082", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu97526033/", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7082", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2340/", }, { trust: 0.3, url: "http://git.or.cz/", }, { trust: 0.3, url: "http://www.apple.com/macosx/", }, { trust: 0.3, url: "https://developer.apple.com/xcode/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7057", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7082", }, { trust: 0.1, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.1, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.1, url: "https://gpgtools.org", }, { trust: 0.1, url: "https://developer.apple.com/xcode/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7049", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7056", }, ], sources: [ { db: "VULHUB", id: "VHN-85043", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006364", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7082", }, { db: "CNNVD", id: "CNNVD-201512-370", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-85043", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006364", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7082", }, { db: "CNNVD", id: "CNNVD-201512-370", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-12-11T00:00:00", db: "VULHUB", id: "VHN-85043", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006364", }, { date: "2015-12-10T17:11:47", db: "PACKETSTORM", id: "134747", }, { date: "2015-12-11T11:59:47.580000", db: "NVD", id: "CVE-2015-7082", }, { date: "2015-12-14T00:00:00", db: "CNNVD", id: "CNNVD-201512-370", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-12-07T00:00:00", db: "VULHUB", id: "VHN-85043", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006364", }, { date: "2016-12-07T18:22:28.917000", db: "NVD", id: "CVE-2015-7082", }, { date: "2020-07-10T00:00:00", db: "CNNVD", id: "CNNVD-201512-370", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201512-370", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apple Xcode Used in Git Vulnerability in", sources: [ { db: "JVNDB", id: "JVNDB-2015-006364", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "lack of information", sources: [ { db: "CNNVD", id: "CNNVD-201512-370", }, ], trust: 0.6, }, }
var-201512-0155
Vulnerability from variot
IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern. Apple Xcode is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. There is a security vulnerability in the IDE SCM of Apple Xcode 7.1.1 and earlier versions. The vulnerability stems from the fact that the program does not correctly identify the .gitignore file. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
APPLE-SA-2015-12-08-6 Xcode 7.2
Xcode 7.2 is now available and addresses the following:
Git Available for: OS X Yosemite v10.10.5 or later Impact: Multiple vulnerabilities existed in Git Description: Multiple vulnerabilities existed in Git versions prior to 2.5.4. These were addressed by updating Git to version 2.5.4. CVE-ID CVE-2015-7082
IDE SCM Available for: OS X Yosemite v10.10.5 or later Impact: Intentionally untracked files may be uploaded to repositories Description: Xcode did not honor the .gitignore directive. This issue was addressed by adding support to honor .gitignore file. CVE-ID CVE-2015-7056 : Stephen Lardieri
otools Available for: OS X Yosemite v10.10.5 or later Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: Multiple memory corruption issues existed in the processing of mach-o files. These issues were addressed through improved memory handling. CVE-ID CVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team CVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team
Installation note:
Xcode 7.2 may be obtained from: https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "7.2".
Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau FNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4 Ofg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t 6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h 1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT rnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr HCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu PQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI gPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O pPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi 5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH ObtqW74YB0YXaiw1ckGl =FxUB -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201512-0155", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "xcode", scope: "lte", trust: 1, vendor: "apple", version: "7.1.1", }, { model: "xcode", scope: "lt", trust: 0.8, vendor: "apple", version: "7.2 (os x yosemite v10.10.5 or later )", }, { model: "xcode", scope: "eq", trust: 0.6, vendor: "apple", version: "7.1.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.1", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "2.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.9", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.6.3.2", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.66", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.65", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.6", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.56", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.55", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.47", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.46", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.5.24", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.5", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.5.0", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8.1.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.8", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.4", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.7.3.3", }, { model: "git", scope: "eq", trust: 0.3, vendor: "git", version: "1.4.4.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.4.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "7.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "6.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "5.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "4.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.5", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.4", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "3.0", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.3", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.2", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.1", }, { model: "xcode", scope: "eq", trust: 0.3, vendor: "apple", version: "2.0", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11.1", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.10.5", }, { model: "mac os", scope: "eq", trust: 0.3, vendor: "apple", version: "x10.11", }, { model: "git", scope: "ne", trust: 0.3, vendor: "git", version: "2.5.4", }, { model: "xcode", scope: "ne", trust: 0.3, vendor: "apple", version: "7.2", }, ], sources: [ { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "NVD", id: "CVE-2015-7056", }, { db: "CNNVD", id: "CNNVD-201512-345", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "7.1.1", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2015-7056", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stephen Lardieri and Proteas of Qihoo 360 Nirvan Team", sources: [ { db: "BID", id: "78727", }, ], trust: 0.3, }, cve: "CVE-2015-7056", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, impactScore: 2.9, integrityImpact: "NONE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", trust: 1, userInteractionRequired: false, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Low", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "None", baseScore: 5, confidentialityImpact: "Partial", exploitabilityScore: null, id: "CVE-2015-7056", impactScore: null, integrityImpact: "None", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "Medium", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "VHN-85017", impactScore: 2.9, integrityImpact: "NONE", severity: "MEDIUM", trust: 0.1, vectorString: "AV:N/AC:L/AU:N/C:P/I:N/A:N", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2015-7056", trust: 1.8, value: "MEDIUM", }, { author: "CNNVD", id: "CNNVD-201512-345", trust: 0.6, value: "MEDIUM", }, { author: "VULHUB", id: "VHN-85017", trust: 0.1, value: "MEDIUM", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-85017", }, { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "NVD", id: "CVE-2015-7056", }, { db: "CNNVD", id: "CNNVD-201512-345", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "IDE SCM in Apple Xcode before 7.2 does not recognize .gitignore files, which allows remote attackers to obtain sensitive information in opportunistic circumstances by leveraging the presence of a file matching an ignore pattern. Apple Xcode is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code, bypass security restrictions and perform unauthorized actions. Failed exploit attempts may result in a denial-of-service condition. Apple Xcode is an integrated development environment provided by Apple (Apple) to developers. It is mainly used to develop applications for Mac OS X and iOS. There is a security vulnerability in the IDE SCM of Apple Xcode 7.1.1 and earlier versions. The vulnerability stems from the fact that the program does not correctly identify the .gitignore file. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nAPPLE-SA-2015-12-08-6 Xcode 7.2\n\nXcode 7.2 is now available and addresses the following:\n\nGit\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Multiple vulnerabilities existed in Git\nDescription: Multiple vulnerabilities existed in Git versions prior\nto 2.5.4. These were addressed by updating Git to version 2.5.4. \nCVE-ID\nCVE-2015-7082\n\nIDE SCM\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: Intentionally untracked files may be uploaded to\nrepositories\nDescription: Xcode did not honor the .gitignore directive. This\nissue was addressed by adding support to honor .gitignore file. \nCVE-ID\nCVE-2015-7056 : Stephen Lardieri\n\notools\nAvailable for: OS X Yosemite v10.10.5 or later\nImpact: A local attacker may be able to cause unexpected application\ntermination or arbitrary code execution\nDescription: Multiple memory corruption issues existed in the\nprocessing of mach-o files. These issues were addressed through\nimproved memory handling. \nCVE-ID\nCVE-2015-7049 : Proteas of Qihoo 360 Nirvan Team\nCVE-2015-7057 : Proteas of Qihoo 360 Nirvan Team\n\nInstallation note:\n\nXcode 7.2 may be obtained from:\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"7.2\". \n\nInformation will also be posted to the Apple Security Updates\nweb site: https://support.apple.com/kb/HT201222\n\nThis message is signed with Apple's Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n-----BEGIN PGP SIGNATURE-----\nComment: GPGTools - https://gpgtools.org\n\niQIcBAEBCgAGBQJWZzRaAAoJEBcWfLTuOo7td2kP/Ag61Qpz8uA8MgClf9SbFJau\nFNMDPV7ZOLPPc+DA37rQIwQemSe8dkt4Jnc6TOcTQdR7+f+Mt0QgscDW9xlOlYT4\nOfg5h5XnrKQ02DBkptD4ms5RH8JAHDKCYj8WttlBnBVsJMb6H3s5Om6vfubXkb7t\n6bdUMe7iCgRsGuRrBuzPfxjMzh2ilnWML1B6VJkRi6rMnWTW2a66BWvfqLL1Cv2h\n1ybIaJi1wsw0lTxGIb+bNM8lg+EL4JLEV+DSJ6mFtDpF6dQBqndbxjopbO5l6LzT\nrnWtFTQQ1/6SAM11n9bbDOQj8w8QW3v0CAyad4HN+5Ayk/qnuJZ8o1ycSGAIrQgr\nHCzG8RELjK9ipgkdu5daXUc75SGVPuuwobQM6SNzrg5M6SVzIvVdSibTwfgnDvgu\nPQO6mBZXLewSBoWqJAQnoDJXExSJ67IE5RzXwvg5KQcF+81Toj48HUxxd98PKrnI\ngPbhf8QT9/asGupN4wh3JjN73/qm2BwpJsbPvVj42Ew1OnsBgldpEL1Ssl/2qX0O\npPi1pfF6PIFQUrbloWyYC+lIJuydb3FZUYKLR6HSn7v7RrZu5n8Uvj+5VX3TyVOi\n5WzXvbHd9L3exphb8SnITTUdZX6LzkUgRrQRvGWTzT/AfIHQRAyliyk7BgYRqzHH\nObtqW74YB0YXaiw1ckGl\n=FxUB\n-----END PGP SIGNATURE-----\n", sources: [ { db: "NVD", id: "CVE-2015-7056", }, { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "BID", id: "78727", }, { db: "VULHUB", id: "VHN-85017", }, { db: "PACKETSTORM", id: "134747", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2015-7056", trust: 2.9, }, { db: "SECTRACK", id: "1034340", trust: 1.1, }, { db: "JVN", id: "JVNVU97526033", trust: 0.8, }, { db: "JVNDB", id: "JVNDB-2015-006362", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201512-345", trust: 0.7, }, { db: "BID", id: "78727", trust: 0.3, }, { db: "VULHUB", id: "VHN-85017", trust: 0.1, }, { db: "PACKETSTORM", id: "134747", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-85017", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7056", }, { db: "CNNVD", id: "CNNVD-201512-345", }, ], }, id: "VAR-201512-0155", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-85017", }, ], trust: 0.01, }, last_update_date: "2023-12-18T11:41:02.993000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "Apple security updates", trust: 0.8, url: "https://support.apple.com/en-us/ht201222", }, { title: "APPLE-SA-2015-12-08-6 Xcode 7.2", trust: 0.8, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { title: "HT205642", trust: 0.8, url: "https://support.apple.com/en-us/ht205642", }, { title: "HT205642", trust: 0.8, url: "http://support.apple.com/ja-jp/ht205642", }, { title: "Apple Xcode IDE SCM Repair measures for information disclosure vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=59163", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "CNNVD", id: "CNNVD-201512-345", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-200", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-85017", }, { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "NVD", id: "CVE-2015-7056", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 1.7, url: "http://lists.apple.com/archives/security-announce/2015/dec/msg00004.html", }, { trust: 1.7, url: "https://support.apple.com/ht205642", }, { trust: 1.1, url: "http://www.securitytracker.com/id/1034340", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7056", }, { trust: 0.8, url: "http://jvn.jp/vu/jvnvu97526033/", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7056", }, { trust: 0.3, url: "http://git.or.cz/", }, { trust: 0.3, url: "http://www.apple.com/macosx/", }, { trust: 0.3, url: "https://developer.apple.com/xcode/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7057", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7082", }, { trust: 0.1, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.1, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.1, url: "https://gpgtools.org", }, { trust: 0.1, url: "https://developer.apple.com/xcode/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7049", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2015-7056", }, ], sources: [ { db: "VULHUB", id: "VHN-85017", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7056", }, { db: "CNNVD", id: "CNNVD-201512-345", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-85017", }, { db: "BID", id: "78727", }, { db: "JVNDB", id: "JVNDB-2015-006362", }, { db: "PACKETSTORM", id: "134747", }, { db: "NVD", id: "CVE-2015-7056", }, { db: "CNNVD", id: "CNNVD-201512-345", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2015-12-11T00:00:00", db: "VULHUB", id: "VHN-85017", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006362", }, { date: "2015-12-10T17:11:47", db: "PACKETSTORM", id: "134747", }, { date: "2015-12-11T11:59:22.070000", db: "NVD", id: "CVE-2015-7056", }, { date: "2015-12-14T00:00:00", db: "CNNVD", id: "CNNVD-201512-345", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2016-12-07T00:00:00", db: "VULHUB", id: "VHN-85017", }, { date: "2015-12-08T00:00:00", db: "BID", id: "78727", }, { date: "2015-12-15T00:00:00", db: "JVNDB", id: "JVNDB-2015-006362", }, { date: "2016-12-07T18:22:21.337000", db: "NVD", id: "CVE-2015-7056", }, { date: "2015-12-14T00:00:00", db: "CNNVD", id: "CNNVD-201512-345", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201512-345", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Apple Xcode of IDE SCM Vulnerability in which important information is obtained", sources: [ { db: "JVNDB", id: "JVNDB-2015-006362", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "information disclosure", sources: [ { db: "CNNVD", id: "CNNVD-201512-345", }, ], trust: 0.6, }, }