CVE-2024-32478

The CVE-2024-32478 entry refers to Git Credential Manager (GCM). Affected component: Debian package of GCM prior to version 2.5.0. Root-ownership not set on installed files, enabling a local multi-user attacker to replace the binary and potentially escalate privileges. Impact is described as priv...

PT-2024-24601 · Unknown · Git Credential Manager

Name of the Vulnerable Software and Affected Versions: Git Credential Manager GCM versions prior to 2.5.0 Description: The issue arises from the Debian package of Git Credential Manager GCM not setting root ownership on installed files prior to version 2.5.0. This allows a user on a multi-user...

Git Credential Manager 安全漏洞

Git Credential Manager GCM is a secure Git credential assistant open-sourced by Git Ecosystem. A security vulnerability exists in Git Credential Manager versions prior to 2.5.0 that stems from a Debian package that does not set root ownership on installed files, which allows a user on a multi-use...

CVE-2020-26233

Git Credential Manager Core GCM Core is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively cloning a Git repository on Windows with submodules, Git will first clone the top-level repository and...

CVE-2020-26233

Git Credential Manager Core GCM Core is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively cloning a Git repository on Windows with submodules, Git will first clone the top-level repository and...

CVE-2020-26233

GCM Core on Windows is affected by CVE-2020-26233 prior to 2.0.289. When recursively cloning a repo with submodules, Git Credential Manager Core may start a malicious git.exe in the top-level repository instead of the PATH git when reading configuration, potentially enabling code execution. The i...

CVE-2020-26233 Remote Code Execution in Git Credential Manager Core

Git Credential Manager Core GCM Core is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively cloning a Git repository on Windows with submodules, Git will first clone the top-level repository and...

Git SQL Injection Vulnerability

Git is a free, open source distributed version control system. A SQL injection vulnerability exists in Git Credential Manager Core, where if a malicious git.exe executable is present in the top-level repository, the binary will be launched by Git Credential Manager Core when attempting to read th...

CVE-2020-11008

Technical details for CVE-2020-11008 are not present in the provided connected documents. The sources discuss related CVEs and general Git credential leakage vectors but do not specify affected versions, root cause, fixes, or exploitation status for this CVE. Monitor for updates.

CVE-2020-11008

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260GHSA-qm7j-c969-7j4q. The fix for that bug still left the door open for an exploit where some credential is leaked but...