22 matches found
Git LFS Clone Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Git LFS Clone Command Exec', 'Description' = %q Git clients that support delay-capable clean / smudge filters and symbolic links on...
Git LFS Clone Command Exec
Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of...
SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2021:2555-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:2555-1 advisory. - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic...
EulerOS Virtualization 3.0.6.6 : git (EulerOS-SA-2021-2033)
According to the version of the git packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains...
EulerOS Virtualization for ARM 64 3.0.6.0 : git (EulerOS-SA-2021-1998)
According to the version of the git packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that...
EulerOS 2.0 SP9 : git (EulerOS-SA-2021-1923)
According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as...
EulerOS 2.0 SP9 : git (EulerOS-SA-2021-1944)
According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as...
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2021-1897)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : git (EulerOS-SA-2021-1897)
According to the version of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as...
Amazon Linux AMI : git (ALAS-2021-1490)
The version of git installed on the remote host is prior to 2.18.5-2.73. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1490 advisory. Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Git vulnerability (USN-4761-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4761-1 advisory. Matheus Tavares discovered that Git incorrectly handled delay-capable clean/smudge filters when being used on case-insensitive filesystems...
Fedora 32 : git (2021-ffd0b2108d)
The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-ffd0b2108d advisory. - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links...
openSUSE Security Update : git (openSUSE-2021-405)
This update for git fixes the following issues : - On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS, Git could be fooled into running remote code during a clone. bsc1183026, CVE-2021-21300...
Updated git packages fix a security vulnerability
On case-insensitive file systems with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS, Git could be fooled into running remote code during a clone CVE-2021-21300...
[ASA-202103-3] git: arbitrary code execution
Arch Linux Security Advisory ASA-202103-3 ========================================= Severity: Low Date : 2021-03-13 CVE-ID : CVE-2021-21300 Package : git Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1665 Summary ======= The package git before version...
Fedora 33 : git (2021-63fcbd126e)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-63fcbd126e advisory. - Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links...
SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2021:0757-1)
This update for git fixes the following issues : On case-insensitive filesystems, with support for symbolic links, if Git is configured globally to apply delay-capable clean/smudge filters such as Git LFS, Git could be fooled into running remote code during a clone. bsc1183026, CVE-2021-21300 Not...
CVE-2021-21300
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive...
Design/Logic Flaw
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive...
CVE-2021-21300
Summary: CVE-2021-21300 affects Git when cloning into case-insensitive file systems and using certain clean/smudge filters (e.g., Git LFS). A specially crafted repository containing symbolic links and files processed by these filters can cause an unchecked script to run during checkout. Affected ...