Lucene search
K

132 matches found

Tenable Nessus
Tenable Nessus
added 2018/10/22 12:0 a.m.26 views

Fedora 27 : git (2018-d5139c4fd6)

Upstream security update resolving an issue with git clone --recurse-submodules. From the upstream release announcement : These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with...

9.8CVSS7.5AI score0.97356EPSS
Exploits12References2
Tenable Nessus
Tenable Nessus
added 2018/10/19 12:0 a.m.29 views

Amazon Linux AMI : git (ALAS-2018-1093)

Git before 2.14.5, allows remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character.CVE-2018-17456 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

9.8CVSS7.6AI score0.97356EPSS
Exploits12References2
exploitpack
exploitpack
added 2018/10/16 12:0 a.m.147 views

Git Submodule - Arbitrary Code Execution

Git Submodule - Arbitrary Code Execution CVE-2018-17456 I've gotten a couple of questions about exploitation for the recent RCE in Git. So here we go with some technical details. TL;DR Here is a PoC repository. EDB Note: Mirror...

7.5CVSS0.3AI score0.97356EPSS
Exploits20
OSV
OSV
added 2018/10/15 12:58 p.m.10 views

SUSE-SU-2018:3150-1 Security update for git

This update for git fixes the following issues: - CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949...

9.8CVSS9.8AI score0.97356EPSS
Exploits12References3
Tenable Nessus
Tenable Nessus
added 2018/10/15 12:0 a.m.36 views

openSUSE Security Update : git (openSUSE-2018-1147)

This update for git fixes the following issues : - CVE-2018-17456: Git allowed remote code execution during processing of a recursive 'git clone' of a superproject if a .gitmodules file has a URL field beginning with a '-' character. boo1110949. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

9.8CVSS7.6AI score0.97356EPSS
Exploits12References2
OSV
OSV
added 2018/10/14 12:58 a.m.10 views

MGASA-2018-0395 Updated git packages fix security vulnerability

joernchen of Phenoelit discovered that git is prone to an arbitrary code execution vulnerability due to insufficient validation of submodule url and path via a specially crafted .gitmodules file in a project cloned with --recurse-submodules CVE-2018-17456...

9.8CVSS9.3AI score0.97356EPSS
Exploits12References2
Mageia
Mageia
added 2018/10/14 12:58 a.m.42 views

Updated git packages fix security vulnerability

joernchen of Phenoelit discovered that git is prone to an arbitrary code execution vulnerability due to insufficient validation of submodule url and path via a specially crafted .gitmodules file in a project cloned with --recurse-submodules CVE-2018-17456...

9.8CVSS3.3AI score0.97356EPSS
Exploits12References1
0day.today
0day.today
added 2018/10/09 12:0 a.m.239 views

Git Submodule - Arbitrary Code Execution Vulnerability

Exploit for linux platform in category local exploits These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules. When running "git clone --recurse-submodules", Git...

9.1AI score0.97356EPSS
Exploits12
Tenable Nessus
Tenable Nessus
added 2018/10/09 12:0 a.m.38 views

Debian DSA-4311-1 : git - security update

joernchen of Phenoelit discovered that git, a fast, scalable, distributed revision control system, is prone to an arbitrary code execution vulnerability via a specially crafted .gitmodules file in a project cloned with --recurse-submodules. C Tenable Network Security, Inc. The descriptive text an...

9.8CVSS7.1AI score0.97356EPSS
Exploits12References4
Packet Storm
Packet Storm
added 2018/10/08 12:0 a.m.128 views

Git Submodule Arbitrary Code Execution

These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules. When running "git clone --recurse-submodules", Git parses the supplied .gitmodules file for a URL field an...

0.1AI score0.97356EPSS
Exploits12
Prion
Prion
added 2018/10/06 2:29 p.m.33 views

Remote code execution

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

7.5CVSS9.6AI score0.97356EPSS
Exploits12References18Affected Software11
NVD
NVD
added 2018/10/06 2:29 p.m.28 views

CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

9.8CVSS9.8AI score0.97356EPSS
Exploits12References18
OSV
OSV
added 2018/10/06 2:29 p.m.6 views

ALPINE-CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

9.8CVSS8.2AI score0.97356EPSS
Exploits12References1
OSV
OSV
added 2018/10/06 2:29 p.m.3 views

DEBIAN-CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

9.8CVSS7.9AI score0.97356EPSS
Exploits12References1
CVE
CVE
added 2018/10/06 2:0 p.m.651 views

CVE-2018-17456

CVE-2018-17456 is a remote code execution in Git triggered when processing a recursive clone of a superproject if a .gitmodules URL starts with a dash. Affected Git versions include 2.14.5 and later 2.15.x/2.16.x/2.17.x/2.18.x/2.19.x before the fixed releases listed (e.g., 2.14.5 and subsequent u...

9.8CVSS9.3AI score0.97356EPSS
Exploits12References18Affected Software1
Debian CVE
Debian CVE
added 2018/10/06 2:0 p.m.29 views

CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

9.8CVSS8.2AI score0.97356EPSS
Exploits12
OSV
OSV
added 2018/10/06 12:0 a.m.4 views

UBUNTU-CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

9.8CVSS7.3AI score0.97356EPSS
Exploits12References4
UbuntuCve
UbuntuCve
added 2018/10/06 12:0 a.m.38 views

CVE-2018-17456

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character...

9.8CVSS7AI score0.97356EPSS
Exploits12References3
Debian
Debian
added 2018/10/05 7:29 p.m.52 views

[SECURITY] [DSA 4311-1] git security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4311-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso October 05, 2018 https://www.debian.org/security/faq -...

9.8CVSS9.1AI score0.97356EPSS
Exploits12
exploitpack
exploitpack
added 2018/10/05 12:0 a.m.100 views

Git Submodule - Arbitrary Code Execution (PoC)

Git Submodule - Arbitrary Code Execution PoC These releases fix a security flaw CVE-2018-17456, which allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules. When running "git clone --recurse-submodules", Git parses the...

7.5CVSS9.4AI score0.97356EPSS
Exploits12
Rows per page
Query Builder