Search criteria
3 vulnerabilities found for git-bug by git-bug_project
FKIE_CVE-2021-28955
Vulnerability from fkie_nvd - Published: 2021-03-22 07:15 - Updated: 2024-11-21 06:00
Severity
Summary
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr | Third Party Advisory | |
| cve@mitre.org | https://vuln.ryotak.me/advisories/18 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuln.ryotak.me/advisories/18 | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| git-bug_project | git-bug | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:git-bug_project:git-bug:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E539EF8E-1E7B-46C5-83A5-CB321963B37F",
"versionEndExcluding": "0.7.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows)."
},
{
"lang": "es",
"value": "git-bug versiones anteriores a 0.7.2, presenta un Elemento de Ruta de B\u00fasqueda No Controlada.\u0026#xa0;Ejecutar\u00e1 git.bat desde el directorio actual en determinadas situaciones de PATH (visto con mayor frecuencia en Windows)"
}
],
"id": "CVE-2021-28955",
"lastModified": "2024-11-21T06:00:26.217",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-22T07:15:12.677",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://vuln.ryotak.me/advisories/18"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://vuln.ryotak.me/advisories/18"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2021-28955 (GCVE-0-2021-28955)
Vulnerability from cvelistv5 – Published: 2021-03-22 06:19 – Updated: 2024-08-03 21:55
VLAI
Summary
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/MichaelMure/git-bug/security/a… | x_refsource_MISC |
| https://vuln.ryotak.me/advisories/18 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuln.ryotak.me/advisories/18"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T05:42:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuln.ryotak.me/advisories/18"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr",
"refsource": "MISC",
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"name": "https://vuln.ryotak.me/advisories/18",
"refsource": "MISC",
"url": "https://vuln.ryotak.me/advisories/18"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28955",
"datePublished": "2021-03-22T06:19:43.000Z",
"dateReserved": "2021-03-21T00:00:00.000Z",
"dateUpdated": "2024-08-03T21:55:12.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-28955 (GCVE-0-2021-28955)
Vulnerability from nvd – Published: 2021-03-22 06:19 – Updated: 2024-08-03 21:55
VLAI
Summary
git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows).
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/MichaelMure/git-bug/security/a… | x_refsource_MISC |
| https://vuln.ryotak.me/advisories/18 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T21:55:12.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuln.ryotak.me/advisories/18"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-04-05T05:42:11.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuln.ryotak.me/advisories/18"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-28955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations (most often seen on Windows)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr",
"refsource": "MISC",
"url": "https://github.com/MichaelMure/git-bug/security/advisories/GHSA-m898-h4pm-pqfr"
},
{
"name": "https://vuln.ryotak.me/advisories/18",
"refsource": "MISC",
"url": "https://vuln.ryotak.me/advisories/18"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-28955",
"datePublished": "2021-03-22T06:19:43.000Z",
"dateReserved": "2021-03-21T00:00:00.000Z",
"dateUpdated": "2024-08-03T21:55:12.206Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}