Ubuntu 16.04 LTS / 18.04 LTS : Git vulnerabilities (USN-7964-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7964-1 advisory. It was discovered that Git did not properly sanitize URLs when asking for credentials via a terminal prompt. An attacker could possibly use...

USN-7964-1 git vulnerabilities

It was discovered that Git did not properly sanitize URLs when asking for credentials via a terminal prompt. An attacker could possibly use this issue to trick a user into disclosing their password. CVE-2024-50349 It was discovered that Git did not properly handle carriage return characters in it...

USN-7964-1: Git vulnerabilities

It was discovered that Git did not properly sanitize URLs when asking for credentials via a terminal prompt. An attacker could possibly use this issue to trick a user into disclosing their password. CVE-2024-50349 It was discovered that Git did not properly handle carriage return characters in it...

CLSA-2026-1767870671 Fix CVE(s): CVE-2024-52006

SECURITY UPDATE: Carriage Return injection in credential protocol - debian/patches/CVE-2024-52006.patch: fix Carriage Return injection in credential protocol - CVE-2024-52006...

SUSE-RU-2025:20362-1 Recommended update for git

This update for git fixes the following issues: - CVE-2024-50349: passwords for trusted sites could be sent to untrusted sites bsc1235600 - CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers bsc1235601...

SUSE-SU-2025:20197-1 Security update for git

This update for git fixes the following issues: - CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites bsc1235600. - CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers bsc1235601...

SUSE-SU-2025:0144-1 Security update for git

This update for git fixes the following issues: - CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites bsc1235600. - CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers bsc1235601...

Security update for git

This update for git fixes the following issues: CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites bsc1235600. CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers bsc1235601. Patch Instructions: To install this SUSE update use the SUSE...

FreeBSD : git -- multiple vulnerabilities (3445e4b6-d2b8-11ef-9ff3-43c2b5d6c4c8)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3445e4b6-d2b8-11ef-9ff3-43c2b5d6c4c8 advisory. Git development team reports: CVE-2024-50349: Printing unsanitized URLs when asking for...

PT-2025-2920

Name of the Vulnerable Software and Affected Versions Git versions prior to v2.48.1 Git versions prior to v2.47.2 Git versions prior to v2.46.3 Git versions prior to v2.45.3 Git versions prior to v2.44.3 Git versions prior to v2.43.6 Git versions prior to v2.42.4 Git versions prior to v2.41.3 Git...

git -- multiple vulnerabilities

Git development team reports: CVE-2024-50349: Printing unsanitized URLs when asking for credentials made the user susceptible to crafted URLs e.g. in recursive clones that mislead the user into typing in passwords for trusted sites that would then be sent to untrusted sites instead. CVE-2024-5200...

About the security content of Xcode 11.5 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

Fedora 30 : git (2020-4e093619bb)

Security fix for CVE-2020-5260 and CVE-2020-11008 CVE-2020-5260 - From the upstream release notes : With a crafted URL that contains a newline in it, the credential helper machinery can be fooled to give credential information for a wrong host. The attack has been made impossible by forbidding a...