Arbitrary Shell Command Execution

Git-fastclone has a flaw that permits execution of arbitrary shell commands from .gitmodules. Attackers can trigger the execution by instructing a user to run a recursive clone from a repository they control. The attack is possible only if a user configures Git to automatically clone submodules...

Apple Xcode < 7.2 Multiple Vulnerabilities (Mac OS X)

The version of Apple Xcode installed on the remote Mac OS X host is prior to 7.2. It is, therefore, affected by multiple vulnerabilities : - Multiple remote code execution vulnerabilities exist due to a flaw in the otools component that is triggered when handling Mach-O files. A remote attacker c...

USN-2835-1 git vulnerability

Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs...

Amazon Linux AMI : git (ALAS-2015-613)

A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the user's system. C...

Medium: git

Issue Overview: A flaw was found in the way the git-remote-ext helper processed certain URLs. If a user had Git configured to automatically clone submodules from untrusted repositories, an attacker could inject commands into the URL of a submodule, allowing them to execute arbitrary code on the...

Moderate: Red Hat Security Advisory: git security update

Updated git packages that fix one security issue are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from th...