27 matches found
gitoxide: CommandForbiddenInModulesConfiguration Bypass in gix_submodule::File::update() Enables Arbitrary Command Execution via .gitmodules
Summary gixsubmodule::File::update is the API that gates whether an attacker-supplied .gitmodules file may set update = !. The function is designed to return ErrCommandForbiddenInModulesConfiguration unless the !command value came from a trusted local source .git/config. Git CVE CVE-2019-19604...
CVE-2019-19604
creationtimestamp| type| source ---|---|--- 2024-03-10 08:41:52+00:00| seen| https://t.me/ctinow/204145...
Amazon Linux 2 : git (ALAS-2023-1943)
The version of git installed on the remote host is prior to 2.23.1-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1943 advisory. A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite...
Mageia: Security Advisory (MGASA-2019-0393)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0045-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3311-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : git (openSUSE-2020-598)
This update for git fixes the following issues : Security issues fixed : - CVE-2020-11008: Specially crafted URLs may have tricked the credentials helper to providing credential information that is not appropriate for the protocol in use and host being contacted bsc1169936 git was updated to 2.26...
EulerOS Virtualization for ARM 64 3.0.2.0 : git (EulerOS-SA-2020-1537)
According to the versions of the git packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1361)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : git (EulerOS-SA-2020-1101)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Executio...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2020-1101)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : git (openSUSE-2020-123)
This update for git fixes the following issues : Security issues fixed : - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice bsc1158787. - CVE-2019-19604: Fixed a recursive clone...
openSUSE: Security Advisory for git (openSUSE-SU-2020:0123_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Photon OS 3.0: Git PHSA-2020-3.0-0047
An update of the git package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-3.0-0047. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid133063; scriptversion"1.6...
Photon OS 1.0: Git PHSA-2019-1.0-0263
An update of the git package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0263. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid132964;...
Fedora Update for git FEDORA-2019-1cec196e20
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Amazon Linux 2 : git (ALAS-2019-1371)
Git mistakes some paths for relative paths allowing writing outside of the worktree while cloning CVE-2019-1351 NTFS protections inactive when running Git in the Windows Subsystem for Linux CVE-2019-1353 remote code execution in recursive clones with nested submodules CVE-2019-1387 Arbitrary path...
[ASA-201912-6] git: arbitrary code execution
Arch Linux Security Advisory ASA-201912-6 ========================================= Severity: High Date : 2019-12-18 CVE-ID : CVE-2019-1348 CVE-2019-1349 CVE-2019-1352 CVE-2019-1387 CVE-2019-19604 Package : git Type : arbitrary code execution Remote : Yes Link :...
Debian DSA-4581-1 : git - security update
Several vulnerabilities have been discovered in git, a fast, scalable, distributed revision control system. - CVE-2019-1348 It was reported that the --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=..., allowing to overwrite arbitrary paths. ...
FreeBSD : Gitlab -- Multiple Vulnerabilities (21944144-1b90-11ea-a2d4-001b217b3468)
Gitlab reports : Path traversal with potential remote code execution Disclosure of private code via Elasticsearch integration Update Git dependency C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright...