CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

ATTACKERKB•added 2026/05/28 4:57 p.m.•6 views

CVE-2026-44798

Nautobot is a Network Source of Truth and Network Automation Platform. Prior to 2.4.33 and 3.1.2, a user with access to add/change a GitRepository record could use the REST API to directly set the currenthead field on the record, which was not intended to be user-editable. Doing so could cause...

7.1CVSS5.8AI score0.00056EPSS

Exploits0References6Affected Software1

EUVD•added 2026/05/28 4:57 p.m.•9 views

EUVD-2026-32973

7.1CVSS5.8AI score0.00056EPSS

Exploits0References5

OSV•added 2025/11/07 5:34 p.m.•4 views

CLSA-2025-1762536892 git: Fix of CVE-2024-32020

CVE-2024-32020: refuse local clones of unowned repositories to prevent TOCTOU race conditions...

3.9CVSS5.8AI score0.00181EPSS

Exploits1References1

OSV•added 2025/02/12 6:56 p.m.•2 views

CLSA-2025-1739386567 git: Fix of 2 CVEs

CVE-2024-32020: fix issue where local clones may hardlink files into target repository's object database when owned by different user - CVE-2024-32021: fix issue with hardlinks to arbitrary user-readable files when cloning local source repository containing symlinks...

7.1CVSS6.9AI score0.00181EPSS

Exploits2References1

AstraLinux•added 2025/02/11 7:35 a.m.•1 views

Astra Linux - уязвимость в git

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source repository is owned by a...

3.9CVSS6.5AI score0.00181EPSS

Exploits1References3

Tenable Nessus•added 2025/01/22 12:0 a.m.•22 views

SUSE SLES12 Security Update : git (SUSE-SU-2025:0197-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0197-1 advisory. - CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. bsc122416...

9CVSS8.3AI score0.80577EPSS

Exploits36References22

SUSE Linux•added 2025/01/21 10:3 a.m.•6 views

Security update for git

This update for git fixes the following issues: CVE-2024-32002: Fix recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion. bsc1224168 CVE-2024-32004: Fixed arbitrary code execution during local clones. bsc1224170 CVE-2024-32020: Fix file...

8.8CVSS7.9AI score0.80577EPSS

Exploits36References28

OSV•added 2024/11/12 5:24 p.m.•3 views

CLSA-2024-1731432257 Fix CVE(s): CVE-2024-32020

SECURITY UPDATE: When performing a local clone of a repository we end up either copying or hardlinking the source repository into the target repository. - debian/patches/CVE-2024-32020.patch: builtin/clone: refuse local clones of unsafe repositories - CVE-2024-32020...

3.9CVSS6.8AI score0.00181EPSS

Exploits1References1

OSV•added 2024/11/01 4:44 p.m.•4 views

CLSA-2024-1730479456 Fix CVE(s): CVE-2024-32020

3.9CVSS5.8AI score0.00181EPSS

Exploits1References1

Ubuntu•added 2024/09/19 3:56 a.m.•26 views

USN-7023-1: Git vulnerabilities

Maxime Escourbiac and Yassine Bengana discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. This issue was fixed in Ubuntu 16.04 LTS. CVE-2023-25815 It was discovered that Git incorrectly...

9CVSS7.5AI score0.80577EPSS

Exploits34

Tenable Nessus•added 2024/07/15 12:0 a.m.•25 views

EulerOS 2.0 SP10 : git (EulerOS-SA-2024-1882)

According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be...

9CVSS7.6AI score0.80577EPSS

Exploits34References6

Tenable Nessus•added 2024/07/12 12:0 a.m.•259 views

Git for Windows < 2.45.1 Multiple Vulnerabilities

The version of Git for Windows installed on the remote host is prior to 2.45.1, and therefore is affected by multiple vulnerabilities: - Recursive clones on case-insensitive filesystems that support symbolic links are susceptible to case confusion that can be exploited to execute just-cloned code...

9CVSS7.5AI score0.80577EPSS

Exploits34References7

Ubuntu•added 2024/05/28 1:39 p.m.•431 views

USN-6793-1: Git vulnerabilities

It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 22.04 LTS, Ubuntu 23.10 and Ubuntu 24.04 LTS. CVE-2024-32002 It was discovered that Git incorrectly handled certain cloned...

9CVSS7.5AI score0.80577EPSS

Exploits34

Amazon•added 2024/05/28 12:0 a.m.•8 views

Important: git

Issue Overview: Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a...

9CVSS7.4AI score0.80577EPSS

Exploits35

OSV•added 2024/05/24 11:8 a.m.•6 views

OESA-2024-1662 git security update

Git is a free and open source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. Git is easy to learn and has a tiny footprint with lightning fast performance. It outclasses SCM tools like Subversion, CVS, Perforce, and...

9CVSS7.5AI score0.80577EPSS

Exploits34References6