10044 matches found

NVD
added 2015/12/11 11:59 a.m., 10 views

CVE-2015-7082

Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases...

CVSS 10, AI score 6.4, EPSS 0.00605
Exploits 0, References 4

Prion
added 2015/12/11 11:59 a.m., 13 views

Code injection

Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases...

CVSS 10, AI score 7, EPSS 0.00605
Exploits 0, References 4, Affected Software 1

CVE
added 2015/12/11 11:0 a.m., 47 views

CVE-2015-7082

CVE-2015-7082 refers to multiple unspecified vulnerabilities in Git prior to 2.5.4, as used by Apple Xcode prior to 7.2. The connected document details a concrete root cause: a flaw in the git-remote-ext component that can be triggered by handling a specially crafted URL, enabling a remote attack...

CVSS 10, AI score 6.5, EPSS 0.00605
Exploits 0, References 4, Affected Software 1

Cvelist
added 2015/12/11 11:0 a.m., 19 views

CVE-2015-7082

Multiple unspecified vulnerabilities in Git before 2.5.4, as used in Apple Xcode before 7.2, have unknown impact and attack vectors. NOTE: this CVE is associated only with Xcode use cases...

AI score 6.4, EPSS 0.00605
Exploits 0, References 4

RubySec
added 2015/12/11 12:0 a.m., 16 views

git-fastclone permits arbitrary shell command execution from .gitmodules

Git allows executing arbitrary shell commands using git-remote-ext via remote URLs. Normally git never requests URLs that the user doesn't specifically request, so this is not a serious security concern. However, submodules did allow the remote repository to specify what URL to clone from. If a...

CVSS 9.3, AI score 5.3, EPSS 0.02844
Exploits 1, References 1, Affected Software 1

Hacker One
added 2015/12/10 6:51 a.m., 69 views

Square Open Source: git-fastclone allows arbitrary command execution through usage of ext remote URLs in submodules

I recently discovered a security vulnerability in git that also affects other programs that manually reimplement submodule-like operations. The recent security update to git[0] concerning git-remote-ext URLs in submodules affects git-fastclone similarly. This bug was patched in Git v2.6.1, v2.5.4,...

CVSS 9.3, AI score 9.6, EPSS 0.31254
Exploits 1

Tenable Nessus
added 2015/12/10 12:0 a.m., 24 views

CentOS 7 : git (CESA-2015:2561)

Updated git packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from th...

CVSS 9.8, AI score 8.1, EPSS 0.31254
Exploits 0, References 2

Cent OS
added 2015/12/09 7:18 p.m., 78 views

emacs, git, gitk, gitweb, perl security update

CentOS Errata and Security Advisory CESA-2015:2561. Updated git packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which giv...

CVSS 9.8, AI score 7.7, EPSS 0.31254
Exploits 0, References 7

Tenable Nessus
added 2015/12/09 12:0 a.m., 30 views

Oracle Linux 7 : git (ELSA-2015-2561)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2561 advisory. 1.8.3.1-6 - fix arbitrary code execution via crafted URLs Resolves: 1274737 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 9.8, AI score 9, EPSS 0.31254
Exploits 0, References 2

OpenVAS
added 2015/12/09 12:0 a.m., 26 views

Oracle: Security Advisory (ELSA-2015-2561)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 9.3, EPSS 0.31254
Exploits 0, References 2

Tenable Nessus
added 2015/12/09 12:0 a.m., 35 views

RHEL 7 : git (RHSA-2015:2561)

Updated git packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from th...

CVSS 9.8, AI score 8.1, EPSS 0.31254
Exploits 0, References 3

UbuntuCve
added 2015/12/09 12:0 a.m., 23 views

CVE-2015-7545

The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a .gitmodules file ...

CVSS 9.8, AI score 7.6, EPSS 0.31254
Exploits 0, References 6

OSV
added 2015/12/09 12:0 a.m., 0 views

UBUNTU-CVE-2015-7545

The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in a .gitmodules file ...

CVSS 9.8, AI score 7.7, EPSS 0.31254
Exploits 0, References 7

OpenVAS
added 2015/12/09 12:0 a.m., 34 views

RedHat Update for git RHSA-2015:2561-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 9.6, EPSS 0.31254
Exploits 0, References 2

ThreatPost
added 2015/12/08 4:52 p.m., 11 views

Apple Patches 50+ Vulnerabilities in iOS, OS X, Safari

Apple has piled on the patches already released by Adobe and Microsoft today, and pushed out updates for iOS, OS X, Apple TV, Safari, and its watch-based operating system watchOS this afternoon. Fifty-four vulnerabilities across OS X were patched Tuesday, including fixes for Mavericks v10.9.5, O...

AI score 0.1
Exploits 0, References 7

RedHat Linux
added 2015/12/08 10:28 a.m., 1 views

git: arbitrary code execution via crafted URLs

A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the user's system...

CVSS 9.8, AI score 6.2, EPSS 0.31254
Exploits 0, References 4

RedHat Linux
added 2015/12/08 10:28 a.m., 33 views

Moderate: Red Hat Security Advisory: git security update

Updated git packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from th...

CVSS 9.8, AI score 7.7, EPSS 0.31254
Exploits 0, References 2

Oracle linux
added 2015/12/08 12:0 a.m., 40 views

git security update

1.8.3.1-6 - fix arbitrary code execution via crafted URLs Resolves: 1274737...

CVSS 7.5, AI score 4.5, EPSS 0.31254
Exploits 0

Kitploit
added 2015/12/04 8:46 p.m., 41 views

0d1n - Tool For Automating Customized Attacks Against Web Applications

Web security tool for fuzzing HTTP inputs, made in C with libCurl. You can do: brute force passwords in auth forms; directory disclosure (use PATH list to brute, and find HTTP status code); test list on input to find SQL Injection and XSS vulnerabilities. To run: require libcurl-dev or...

AI score 7.8
Exploits 0, References 1

OSV
added 2015/12/03 1:46 p.m., 4 views

SUSE-SU-2015:2184-1 Recommended update for git

The git package was updated to fix the following security issue: - Fix remote code execution with recursive fetch of submodules bsc948969...

AI score 8.1
Exploits 0, References 2