
12 matches found

RedhatCVE
added 2026/04/13 8:44 p.m., 5 views

CVE-2026-28291

A flaw was found in simple-git, a JavaScript library for running native Git commands. An attacker could exploit this vulnerability by manipulating Git options, bypassing existing safety checks. This incomplete fix for a previous vulnerability allows for the execution of arbitrary commands, leadin...

8.1 CVSS, 6 AI score, 0.00652 EPSS
Exploits 1, References 7

RedHat Linux
added 2025/07/24 8:8 a.m., 6 views

git: Git arbitrary code execution

A line-end handling flaw was found in Git. When writing a config entry, values with a trailing carriage return (CR) are not quoted, resulting in the CR being lost when the config is read later. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read,...

8 CVSS, 5.7 AI score, 0.02775 EPSS
Exploits 9, References 8

RedHat Linux
added 2025/07/22 12:3 p.m., 6 views

git: Git arbitrary code execution

A line-end handling flaw was found in Git. When writing a config entry, values with a trailing carriage return (CR) are not quoted, resulting in the CR being lost when the config is read later. When initializing a submodule, if the submodule path contains a trailing CR, the altered path is read,...

8 CVSS, 5.7 AI score, 0.02775 EPSS
Exploits 9, References 8

RedHat Linux
added 2025/05/15 12:34 a.m., 54 views

git: The sideband payload is passed unfiltered to the terminal in git

A flaw was found in Git. When cloning, fetching, or pushing from a server, informational or error messages are transported from the remote Git process to the client via a sideband channel. These messages are prefixed with "remote:" and printed directly to the standard error output. Typically, thi...

8.8 CVSS, 7.3 AI score, 0.00494 EPSS
Exploits 1, References 6

RedHat Linux
added 2025/05/15 12:34 a.m., 38 views

git: The sideband payload is passed unfiltered to the terminal in git

A flaw was found in Git. When cloning, fetching, or pushing from a server, informational or error messages are transported from the remote Git process to the client via a sideband channel. These messages are prefixed with "remote:" and printed directly to the standard error output. Typically, thi...

8.8 CVSS, 7.3 AI score, 0.00494 EPSS
Exploits 1, References 6

IBM Security Bulletins
added 2025/05/01 8:6 p.m., 10 views

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to an argument injection vulnerability in go-git [CVE-2025-21613]

Summary: IBM Watson Speech Services Cartridge is vulnerable to an argument injection vulnerability in go-git, caused by a flaw which may allow an attacker to set arbitrary values to git-upload-pack flags (CVE-2025-21613). Go-git is used in our ibm-watson-speech-catalog images. This vulnerability ha...

9.8 CVSS, 7 AI score, 0.0124 EPSS
Exploits 0, Affected Software 1

AstraLinux
added 2025/02/11 7:35 a.m., 5 views

Astra Linux – Vulnerability in Git

Git is a fast, scalable, distributed revision control system with a rich set of commands. It offers both high-level operations and full access to its internal workings. When Git requests credentials via a terminal prompt (i.e., without using any credential helpers), it prints out the host name for...

4.7 CVSS, 7.1 AI score, 0.00643 EPSS
Exploits 0, References 3

RedhatCVE
added 2025/01/14 10:50 p.m., 33 views

CVE-2024-52006

A flaw was found in Git. Git defines a line-based protocol that is used to exchange information between Git and Git credential helpers. Some ecosystems, most notably .NET and node.js, interpret single Carriage Return characters as newlines, which render the protections against CVE-2020-5260...

4.3 CVSS, 6.4 AI score, 0.10047 EPSS
Exploits 2, References 7

RedhatCVE
added 2025/01/14 7:21 p.m., 11 views

CVE-2024-50349

A flaw was found in Git. This vulnerability occurs when Git requests credentials via a terminal prompt, for example, without the use of a credential helper. During this process, Git displays the host name for which the credentials are needed, but any URL-encoded parts are decoded and displayed...

3.1 CVSS, 6.6 AI score, 0.00643 EPSS
Exploits 0, References 6

RedHat Linux
added 2024/06/25 8:30 a.m., 5 views

git: additional local RCE

A flaw was found in Git in a full copy of a Git repository. A prerequisite for this vulnerability is for an unauthenticated attacker to place a specialized repository on their target's local system. If the victim were to clone this repository, it could result in arbitrary code execution...

7.8 CVSS, 7.5 AI score, 0.00909 EPSS
Exploits 0, References 5

OpenVAS
added 2020/04/16 12:0 a.m., 65 views

Debian: Security Advisory (DLA-2177-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3 CVSS, 8.1 AI score, 0.10047 EPSS
Exploits 2, References 3

BDU FSTEC
added 2017/11/03 12:0 a.m., 16 views

The vulnerability of the distributed Git version control system, related to insufficient validation of input data, allows a hacker to execute arbitrary operating system commands.

The vulnerability of the distributed Git version control system is related to the use of insecure Perl scripts for supporting subcommands such as cvsserver. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands on behalf of the git user remotely...

9 CVSS, 7.7 AI score, 0.36003 EPSS
Exploits 0, References 9, Affected Software 2