2 matches found
CVE-2010-3906
CVE-2010-3906 is an XSS in gitweb (Git web interface) for Git versions up to 1.7.3.3 and earlier, exploitable via the f and fp parameters to craft arbitrary script/HTML. Multiple advisories report remote injection through gitweb, with openSUSE openSUSE-SU-2011:0115-1 and Debian backports patches ...
CVE-2010-2542
Git: Privilege escalation vulnerability CVE-2010-2542 — stack-based buffer overflow in is_git_directory (setup.c) in Git up to 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file. Affected: Git before 1.7.2.1. Impact: local privilege escalation. Mitigation: upgra...