Lucene search
K

4 matches found

CVE
CVE
added 2026/06/10 10:13 p.m.20 views

CVE-2026-52726

Technical details about CVE-2026-52726 are not publicly provided in the supplied documents; monitor for updates.

7.5CVSS5.8AI score0.00448EPSS
Exploits0References2
OSV
OSV
added 2026/05/05 7:27 p.m.4 views

GHSA-FR8X-3VFX-F45H gix and gitoxide: unvalidated submodule name traverses out of .git/modules and redirects state() / open() to another repository

Summary attachments: pocs.zip Submodule names coming from .gitmodules are exposed as unvalidated names and are later reused to derive the submodule git directory as: /modules/ Because the submodule name is joined directly as a filesystem path component, a name such as ../../../escaped-target.git...

8.7CVSS5.9AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:35 a.m.4 views

SUSE CVE-2017-1000117

A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim...

8.5CVSS9.1AI score0.77823EPSS
Exploits9References17
OSV
OSV
added 2018/05/30 4:29 a.m.4 views

ALPINE-CVE-2018-11235

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because...

7.8CVSS8.3AI score0.49188EPSS
Exploits10References1
Rows per page
Query Builder