5 matches found
CVE-2025-48384
Git vulnerability CVE-2025-48384 arises from Git’s handling of trailing CR characters in config and submodule paths, which can cause a submodule to checkout to an incorrect location and potentially execute a post-checkout hook if a symlink points to the hooks directory. The issue affects Git and ...
CVE-2024-32004
CVE-2024-32004 affects Git and enables arbitrary code execution during cloning when a local repository is crafted by an attacker. It targets pre-patch releases prior to 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. Affected versions can execute code during the clone operation if the...
CVE-2024-32465
Git vulnerability CVE-2024-32465 affects local-cloning scenarios and can allow arbitrary code execution when cloning repositories from untrusted sources. Astra Linux documents indicate affected Git before 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, with patches in 2.45.1, 2.44.1, ...
CVE-2024-32020
CVE-2024-32020 concerns Git’s local clone optimization on the same disk, where source and target repositories owned by different users may result in hardlinked files in the target’s object database that can be rewritten by an untrusted user. Affected Git versions prior to 2.45.1, 2.44.1, 2.43.4, ...
CVE-2024-32021
CVE-2024-32021 affects Git prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. When cloning a local repository that contains symlinks over the filesystem, Git may create hardlinks to arbitrary user-readable files in the destination repo’s objects/ directory. Also, clonin...