Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Git-lfs Security Vulnerabilities

cve
cve

CVE-2022-24826

On Windows, if Git LFS operates on a malicious repository with a ..exe file as well as a file named git.exe, and git.exe is not found in PATH, the ..exe program will be executed, permitting the attacker to execute arbitrary code. This does not affect Unix systems. Similarly, if the malicious...

9.8CVSS

7.9AI Score

0.001EPSS

2022-04-20 12:16 AM
47
cve
cve

CVE-2021-21237

Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program would be executed, permitting the attacker to execute arbitrary code. This does not affect Unix...

7.8CVSS

8.8AI Score

0.951EPSS

2021-01-15 06:15 PM
82
3