Lucene search
K

24 matches found

vulnersOsv
vulnersOsv
added 2022/05/17 7:57 p.m.4 views

at.molindo:git-commit-id-plugin (=2.1.10-alpha-1), at.nonblocking:nonsnapshot-maven-plugin (=3.0.1) +512 more potentially affected by CVE-2014-9390 via org.eclipse.jgit:org.eclipse.jgit (>=1.2.0.201112221803-r <=3.5.2.201411120430-r)

org.eclipse.jgit:org.eclipse.jgit MAVEN version =1.2.0.201112221803-r, =2.0.0, =2.0.4, =0.1.1, =0.1.1, =0.0.1, =0.2.8, =1.0.2, =2.0.0, =0.9.0, =1.1.0, =0.0.2, =0.0.7 and more Source cves: CVE-2014-9390 Source advisory: OSV:GHSA-6VVC-C2M3-CJF3...

9.8CVSS7.2AI score0.63178EPSS
Exploits5
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2015:0100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.63178EPSS
Exploits5References2
OSV
OSV
added 2020/02/12 2:15 a.m.11 views

CVE-2014-9390

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

9.8CVSS9.3AI score
Exploits0References11
CVE
CVE
added 2020/02/12 1:58 a.m.211 views

CVE-2014-9390

CVE-2014-9390 describes a remote command-execution risk in Git and several VCS clients when interacting with repositories on case-insensitive filesystems. A crafted .git/config in a tree can trigger arbitrary commands on the server/client, depending on the tool. Affected versions (per provided so...

9.8CVSS9.1AI score0.63178EPSS
Exploits5References9Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2020/02/05 12:9 a.m.51 views

Security Bulletin: Security vulnerability with Eclipse Git Team Provider affects Rational Application Developer (CVE-2014-9390)

Summary This vulnerability affects users on Windows and Mac OS X but not typical UNIX users. Even though the issue may not affect Linux users, if you are a hosting service whose users may fetch from your service to Windows or Mac OS X machines, you are strongly encouraged to update to protect suc...

9.8CVSS0.63178EPSS
Exploits5Affected Software1
Circl
Circl
added 2018/05/29 3:50 p.m.10 views

CVE-2014-9390

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/gitclientcommandexec.rb 2025-02-06 03:13:42+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:09:34+00:00| seen|...

9.8CVSS7.2AI score0.63178EPSS
Exploits5References4
0day.today
0day.today
added 2017/03/23 12:0 a.m.116 views

GIT 1.8.5.6 / 1.9.5 / 2.0.5 / 2.1.4/ 2.2.1 & Mercurial < 3.2.3 - Exploit

Exploit for multiple platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Malicious Git and Mercurial HTTP Server For CVE-2014-9390',...

10CVSS9.4AI score0.73364EPSS
Exploits9
OpenVAS
OpenVAS
added 2016/02/05 12:0 a.m.34 views

Oracle: Security Advisory (ELSA-2015-2515)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.5AI score0.63178EPSS
Exploits5References2
Oracle linux
Oracle linux
added 2016/02/04 12:0 a.m.38 views

git19-git security update

1.9.4-3.1 - fix arbitrary code execution via crafted URLs Resolves: 1273889 1.9.4-3 - fix CVE-2014-9390 Resolves: rhbz1220552...

7.5CVSS4.1AI score0.63178EPSS
Exploits5
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.47 views

Mageia: Security Advisory (MGASA-2015-0325)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.63178EPSS
Exploits5References4
OSV
OSV
added 2015/08/26 8:36 p.m.8 views

MGASA-2015-0325 Updated cgit package fixes security vulnerability

cgit in Mageia 4/5 bundles an old git that is being subject to a minor security issue CVE-2014-9390. The cgit package was updated to its latest upstream release, and updates the bundled git to the non-vulnerable version 2.5.0, which contains various bug fixes...

9.8CVSS9.4AI score0.63178EPSS
Exploits5References3
Mageia
Mageia
added 2015/08/26 8:36 p.m.46 views

Updated cgit package fixes security vulnerability

cgit in Mageia 4/5 bundles an old git that is being subject to a minor security issue CVE-2014-9390. The cgit package was updated to its latest upstream release, and updates the bundled git to the non-vulnerable version 2.5.0, which contains various bug fixes...

9.8CVSS9.1AI score0.63178EPSS
Exploits5References2
Debian
Debian
added 2015/06/04 7:24 a.m.92 views

[SECURITY] [DLA 237-1] mercurial security update

Package : mercurial Version : 1.6.4-1+deb6u1 CVE ID : CVE-2014-9390 CVE-2014-9462 CVE-2014-9462 Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command...

9.8CVSS7.2AI score0.63178EPSS
Exploits6
OSV
OSV
added 2015/05/11 12:0 a.m.26 views

DSA-3257-1 mercurial - security update

Bulletin has no description...

7.5CVSS9.4AI score0.04199EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.29 views

Apple Xcode < 6.2 beta 3 .git/config Command Execution (Mac OS X) (deprecated)

The remote Mac OS X host has a version of Apple Xcode prior to 6.2 beta 3. It is, therefore, affected by a remote command execution vulnerability when processing git trees in a case-insensitive or case-normalizing file system. A remote attacker, using a specially crafted git tree, can overwrite a...

0.4AI score0.63178EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.28 views

Fedora Update for eclipse-jgit FEDORA-2014-17341

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.63178EPSS
Exploits5References2
Packet Storm
Packet Storm
added 2015/01/02 12:0 a.m.56 views

Malicious Git And Mercurial HTTP Server For CVE-2014-9390

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Malicious Git and Mercurial HTTP Server For CVE-2014-9390', 'Description' = %q This module exploits CVE-2014-9390, which affects Git...

9.6AI score0.63178EPSS
Exploits5
Metasploit
Metasploit
added 2015/01/01 7:3 p.m.66 views

Malicious Git and Mercurial HTTP Server For CVE-2014-9390

This module exploits CVE-2014-9390, which affects Git versions less than 1.8.5.6, 1.9.5, 2.0.5, 2.1.4 and 2.2.1 and Mercurial versions less than 3.2.3 and describes three vulnerabilities. On operating systems which have case-insensitive file systems, like Windows and OS X, Git clients can be...

9.8CVSS9.7AI score0.63178EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2014/12/30 12:0 a.m.27 views

Fedora 21 : eclipse-egit-3.5.3-1.fc21 / eclipse-jgit-3.5.3-1.fc21 (2014-17341)

Fixes for CVE-2014-9390 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...

9.8CVSS8.1AI score0.63178EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2014/12/23 12:0 a.m.45 views

GitHub < 1.9.4 .git/config Command Execution (Mac OS X)

The remote Mac OS X host has a version of GitHub prior to 194 installed. It is, therefore, affected by a remote command execution vulnerability when processing git trees in a case-insensitive or case-normalizing file system. A remote attacker, using a specially crafted git tree, can overwrite a...

9.8CVSS8.4AI score0.63178EPSS
Exploits5References4
Rows per page
Query Builder