Lucene search
+L

71 matches found

cvelist
cvelist
added 2023/10/11 10:41 a.m.40 views

CVE-2023-44109

Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may affect service confidentiality...

7.7AI score0.00337EPSS
Exploits0References2
cve
cve
added 2023/10/11 10:41 a.m.62 views

CVE-2023-44109

CVE-2023-44109 describes a clone vulnerability in the huks ta module affecting Huawei HarmonyOS environments. The vulnerability may compromise service confidentiality if exploited. The provided documents do not specify affected versions, exploit details, or a confirmed remediation/patch. Several ...

7.5CVSS7.5AI score0.00337EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2023/10/11 12:0 a.m.7 views

PT-2023-29105 · Unknown · Huks Ta Module

Name of the Vulnerable Software and Affected Versions: huks ta module affected versions not specified Description: The issue is related to a clone vulnerability in the huks ta module. Successful exploitation of this vulnerability may affect service confidentiality. Recommendations: At the moment,...

7.5CVSS7.3AI score0.00337EPSS
Exploits0References5
osv
osv
added 2023/08/11 9:30 a.m.11 views

GHSA-PR76-5CM5-W9CJ GitPython vulnerable to remote code execution due to insufficient sanitization of input arguments

GitPython before 3.1.32 does not block insecure non-multi options in clone and clonefrom, making it vulnerable to Remote Code Execution RCE due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerabili...

9.8CVSS6AI score0.00984EPSS
Exploits0References10
mscve
mscve
added 2023/01/23 8:0 a.m.5 views

Git clone remote code execution vulnerability in git-for-windows

...

8.6CVSS8.6AI score0.06796EPSS
Exploits0
vulnrichment
vulnrichment
added 2023/01/17 9:3 p.m.12 views

CVE-2022-41953 Git clone remote code execution vulnerability in git-for-windows

Git GUI is a convenient graphical tool that comes with Git for Windows. Its target audience is users who are uncomfortable with using Git on the command-line. Git GUI has a function to clone repositories. Immediately after the local clone is available, Git GUI will automatically post-process it,...

8.6CVSS9.1AI score0.06796EPSS
Exploits0References4
cnnvd
cnnvd
added 2022/12/06 12:0 a.m.10 views

Simple Git 操作系统命令注入漏洞

Simple Git is a lightweight interface from Steve King Personal Developer in the UK. It is used to run Git commands in any Node.js application. An operating system command injection vulnerability exists in Simple Git versions prior to 3.15.0, which stems from vulnerability to Remote Code Execution...

9.8CVSS8.5AI score0.02784EPSS
Exploits1References6
snyk
snyk
added 2022/11/10 1:55 p.m.3 views

Remote Code Execution (RCE)

Overview simple-git is a light weight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution RCE when enabling the ext transport protocol, which makes it exploitable via clone method. This vulnerability exists due t...

9.8CVSS7.4AI score0.04067EPSS
Exploits2References2
osv
osv
added 2022/10/17 4:15 p.m.4 views

UBUNTU-CVE-2022-3283

A potential DOS vulnerability was discovered in GitLab CE/EE affecting all versions before before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 While cloning an issue with special crafted content added to the description could have been used ...

7.5CVSS7.1AI score0.01349EPSS
Exploits1References2
vulnersosv
vulnersosv
added 2022/07/02 12:0 a.m.7 views

-llscw-react-cli (>=1.0.0 <=1.1.0-beta2), 002-node-cli (=1.0.0) +13395 more potentially affected by CVE-2022-25900 via git-clone (>=0.0.2 <=0.2.0)

git-clone NPM version =0.0.2, =1.0.0, =0.0.1, =1.0.0, =1.0.11 and more Source cves: CVE-2022-25900 Source advisory: OSV:GHSA-8JMW-WJR8-2X66...

10CVSS7.2AI score0.03227EPSS
Exploits1
nvd
nvd
added 2022/07/01 8:15 p.m.73 views

CVE-2022-25900

All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git...

10CVSS0.03227EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2022/07/01 12:0 a.m.6 views

PT-2022-17595

Name of the Vulnerable Software and Affected Versions: git-clone affected versions not specified Description: The git-clone package is susceptible to Command Injection due to insecure usage of the --upload-pack feature of git. This allows for potential malicious code execution. Credit for...

10CVSS9.6AI score0.03227EPSS
Exploits1References9
snyk
snyk
added 2022/05/24 5:40 p.m.3 views

Missing Authorization

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Missing Authorization via the bugactiongroup.php process. An attacker, with rights to create new issues, can clone any private issue, including all bugnotes and attachments, by manipulating the...

7.1CVSS6.9AI score0.01111EPSS
Exploits1References2
redhatcve
redhatcve
added 2022/05/21 12:17 a.m.34 views

CVE-2019-13226

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/block-dev-basename in the Helper::temporaryMountDevice function to temporarily mount a file system as root. An unprivileged user can prepare a symlink at this location to have the file system mounted in an arbitrary...

7CVSS2.1AI score0.00278EPSS
Exploits0References2
attackerkb
attackerkb
added 2022/04/01 8:0 p.m.3 views

CVE-2022-24066

The package simple-git before 3.5.0 are vulnerable to Command Injection due to an incomplete fix of CVE-2022-24433 which only patches against the git fetch attack vector. A similar use of the --upload-pack feature of git is also supported for git clone, which the prior fix didn't cover...

9.8CVSS5.5AI score0.04067EPSS
Exploits1References5
vulnersosv
vulnersosv
added 2022/03/28 10:43 a.m.6 views

-llscw-react-cli (>=1.0.0 <=1.1.0-beta2), 002-node-cli (=1.0.0) +13395 more potentially affected by CVE-2022-25900 via git-clone (>=0.0.2 <=0.2.0)

git-clone NPM version =0.0.2, =1.0.0, =0.0.1, =1.0.0, =1.0.11 and more Source cves: CVE-2022-25900 Source advisory: SNYK:JS-GITCLONE-2434308...

10CVSS7.2AI score0.03227EPSS
Exploits1
snyk
snyk
added 2022/03/28 10:43 a.m.5 views

Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Overview git-clone is a Clone a git repository Affected versions of this package are vulnerable to Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' due to insecure usage of the --upload-pack feature of git. Note: A note was added to the README file of the package t...

10CVSS6.7AI score0.03227EPSS
Exploits1References2
mscve
mscve
added 2021/07/16 12:0 a.m.5 views

In Docker before 18.09.4 an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs and results in command injection into the underlying "git clone" command leading to code execution in the context of the user executing the "docker build" command. This occurs because git ref can be misinterpreted as a flag.

...

8.4CVSS7AI score0.02025EPSS
Exploits1
ptsecurity
ptsecurity
added 2020/07/17 12:0 a.m.8 views

PT-2020-4343 · Teclib +1 · Glpi +1

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.1 Description: The issue is related to the Clone feature in the GLPI system, which is vulnerable due to incorrect neutralization of special elements used in SQL queries. This allows a remote attacker to execute...

10CVSS7AI score0.99628EPSS
Exploits32References127
osv
osv
added 2019/12/16 1:55 p.m.8 views

SUSE-SU-2019:3311-1 Security update for git

This update for git fixes the following issues: Security issues fixed: - CVE-2019-1349: Fixed issue on Windows, when submodules are cloned recursively, under certain circumstances Git could be fooled into using the same Git directory twice bsc1158787. - CVE-2019-19604: Fixed a recursive clone...

9.8CVSS7.2AI score0.34007EPSS
Exploits1References20
Rows per page
Query Builder