Lucene search
+L

5 matches found

CVE
CVE
added 2018/10/06 2:0 p.m.657 views

CVE-2018-17456

CVE-2018-17456 is a remote code execution in Git triggered when processing a recursive clone of a superproject if a .gitmodules URL starts with a dash. Affected Git versions include 2.14.5 and later 2.15.x/2.16.x/2.17.x/2.18.x/2.19.x before the fixed releases listed (e.g., 2.14.5 and subsequent u...

9.8CVSS9.3AI score0.97356EPSS
CVE
CVE
added 2018/05/30 4:0 a.m.445 views

CVE-2018-11235

CVE-2018-11235 affects Git prior to 2.17.1 (and also 2.13.7, 2.14.4, 2.15.2, 2.16.4, 2.17.1 as listed in advisories). A crafted .gitmodules file can cause directory traversal in submodule names, leading to a malicious project triggering a chain where submodule names are appended to $GIT_DIR/modul...

7.8CVSS8.1AI score0.49188EPSS
Web
CVE
CVE
added 2018/05/30 4:0 a.m.290 views

CVE-2018-11233

CVE-2018-11233 affects Git on NTFS pathname sanity checking, causing potential out-of-bounds reads. Affected: Git versions before 2.13.7, and 2.14.x/2.15.x/2.16.x/2.17.x before the listed patch levels. Impact: potential information disclosure and/or memory access concerns; no explicit exploitatio...

7.5CVSS7.5AI score0.04309EPSS
CVE
CVE
added 2018/11/23 8:0 a.m.153 views

CVE-2018-19486

CVE-2018-19486 : Git before 2.19.2 on Linux/UNIX executes commands from the current working directory in certain cases involving the run_command() API and run-command.c, caused by a change from execvp to execv in 2017. The vulnerability can allow commands to be executed from the current directory...

9.8CVSS9.2AI score0.0412EPSS
CVE
CVE
added 2018/02/09 11:0 p.m.97 views

CVE-2018-1000021

Technical details on CVE-2018-1000021 are not publicly provided in the connected documents. Please monitor for updates from the vendor/CNA and the CVE entry for any affected products, impact and remediation information.

6.8CVSS8.4AI score0.01081EPSS