UBUNTU-CVE-2024-32004
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1,...
UBUNTU-CVE-2024-32002
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/ directory...
CVE-2024-32002
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a .git/ directory...
CVE-2024-32020 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...
CVE-2024-32020
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...
CVE-2024-32004 Git vulnerable to Remote Code Execution while cloning special-crafted local repositories
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1,...
PT-2024-3748 · Git +9 · Git +9
Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4 Description: The issue is related to Git, a revision control system. When cloning a local source repository that contains symlinks via the filesystem, Git may...
Git security vulnerability
Git is a free, open source distributed version control system. A security vulnerability exists in Git that stems from the fact that a local clone can hard-link arbitrary user-readable files into the object directory of a new repository...
Git security vulnerability
Git is a free, open source distributed version control system. Git has a security vulnerability that stems from the fact that a local clone may end up hard-linking files into the object database of the target repository...
Fedora 38 : pypy (2024-797928fed3)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-797928fed3 advisory. Security fix for CVE-2023-5752 in the bundled pip. Tenable has extracted the preceding description block directly from the Fedora security advisory...
CVE-2024-24833 WordPress Happy Addons for Elementor plugin <= 3.10.1 - Broken Access Control on Post Clone vulnerability
Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons. This issue affects Happy Addons for Elementor: from n/a through <= 3.10.1...
Arbitrary Code Execution
Mercurial is vulnerable to Arbitrary Code Execution. The vulnerability is due to incorrect bound checks in the binary delta decoder which allows an attacker to execute arbitrary code via a clone, push, or pull command, related to either list sizing rounding error or short records...
SUSE CVE-2024-32884
gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for text that the external ssh program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clo...
CVE-2024-33636
Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone. This issue affects WP Page Post Widget Clone: from n/a through 1.0.1...
CVE-2024-33636
CVE-2024-33636 corresponds to a Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone (WP Page Post Widget Clone), affecting versions up to 1.0.1. The initial description and connected Red Hat entry confirm this issue; no exploits or detailed remediation are provided in the...
PT-2024-25396 · WordPress · Mahesh Vora Wp Page Post Widget Clone
Name of the Vulnerable Software and Affected Versions: Mahesh Vora WP Page Post Widget Clone versions 1.0.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone. Recommendations: For Mahesh Vora WP Page Post Widget Clone...
WordPress plugin WP Page Post Widget Clone security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
AZL-40264 CVE-2024-32884 affecting package rust for versions less than 1.72.0-8
gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for text that the external ssh program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clo...
AZL-40229 CVE-2024-32884 affecting package rust for versions less than 1.75.0-9
gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for text that the external ssh program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clo...
CVE-2024-32884
gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for text that the external ssh program would interpret as an option. A specially crafted clone URL can smuggle options to SSH. The possibilities are syntactically limited, but if a malicious clo...