Lucene search

CVE-2024-37904

🗓️ 18 Jun 2024 17:52:15Reported by [email protected]Type

Minder's Git provider is vulnerable to a denial of service attack due to a lack of size limit enforcement on cloned repositories, fixed in release v0.0.5

Reporter	Title	Published	Views	Family All 8
Vulnrichment	CVE-2024-37904 Denial of service from maliciously configured Git repository in Minder	18 Jun 202417:07	–	vulnrichment
OSV	GHSA-HPCG-XJQ5-G666 Minder affected by denial of service from maliciously configured Git repository	18 Jun 202416:34	–	osv
OSV	CVE-2024-37904	18 Jun 202417:15	–	osv
OSV	GO-2024-2934 Minder affected by denial of service from maliciously configured Git repository in github.com/stacklok/minder	28 Jun 202415:28	–	osv
Veracode	Denial Of Service (DoS)	19 Jun 202405:22	–	veracode
Cvelist	CVE-2024-37904 Denial of service from maliciously configured Git repository in Minder	18 Jun 202417:07	–	cvelist
Github Security Blog	Minder affected by denial of service from maliciously configured Git repository	18 Jun 202416:34	–	github
CVE	CVE-2024-37904	18 Jun 202417:15	–	cve

Source	Link
github	www.github.com/stacklok/minder/security/advisories/GHSA-hpcg-xjq5-g666
github	www.github.com/stacklok/minder/blob/85985445c8ac3e51f03372e99c7b2f08a6d274aa/internal/providers/git/git.go
github	www.github.com/stacklok/minder/commit/7979b43
github	www.github.com/stacklok/minder/blob/85985445c8ac3e51f03372e99c7b2f08a6d274aa/internal/providers/git/git.go

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

18 Jun 2024 17:15Current

CVSS35.7

EPSS0.00045

CWE-400