{"id": "CFOUNDRY:33A3ADC279E30BE5B159D93B7A2D0E27", "bulletinFamily": "software", "title": "USN-2835-1 git vulnerability | Cloud Foundry", "description": "USN-2835-1 git vulnerability\n\n# \n\nMedium\n\n# Vendor\n\ngit\n\n# Versions Affected\n\n * Ubuntu 14.04 \n\n# Description\n\nBlake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs.\n\nThe Cloud Foundry project released a new Cloud Foundry rootfs, cflinuxfs2 v.1.23.0, that has the patches.\n\n# Affected Products and Versions\n\n_Severity is medium unless otherwise noted. \n_\n\n * All versions of Cloud Foundry cflinuxfs2 prior to v.1.23.0. \n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.23.0 or later versions. \n\n# Credit\n\nBlake Burkhart\n\n# References\n\n * <http://www.ubuntu.com/usn/usn-2835-1>\n * <https://bosh.io/stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n", "published": "2016-01-07T00:00:00", "modified": "2016-01-07T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.cloudfoundry.org/blog/usn-2835-1/", "reporter": "Cloud Foundry", "references": [], "cvelist": [], "type": "cloudfoundry", "lastseen": "2018-09-07T03:25:40", "edition": 2, "viewCount": 1, "enchantments": {"score": {"value": 0.8, "vector": "NONE", "modified": "2018-09-07T03:25:40", "rev": 2}, "dependencies": {"references": [], "modified": "2018-09-07T03:25:40", "rev": 2}, "vulnersScore": 0.8}, "affectedSoftware": []}

{}