CVE-2018-17456: Git allowed remote code execution during processing of a
recursive "git clone" of a superproject if a .gitmodules file has a URL
field beginning with a ‘-’ character. (boo#1110949).

This update was imported from the SUSE:SLE-15:Update update project.

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.0i586git-web< 2.16.4-lp150.2.6.1git-web-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap15.0x86_64git-daemon< 2.16.4-lp150.2.6.1git-daemon-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0i586gitk< 2.16.4-lp150.2.6.1gitk-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap15.0i586git-cvs< 2.16.4-lp150.2.6.1git-cvs-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap15.0x86_64git-credential-libsecret< 2.16.4-lp150.2.6.1git-credential-libsecret-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0i586git-debugsource< 2.16.4-lp150.2.6.1git-debugsource-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap15.0x86_64git-gui< 2.16.4-lp150.2.6.1git-gui-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0i586git-svn-debuginfo< 2.16.4-lp150.2.6.1git-svn-debuginfo-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap15.0x86_64git-svn< 2.16.4-lp150.2.6.1git-svn-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap15.0x86_64git-web< 2.16.4-lp150.2.6.1git-web-2.16.4-lp150.2.6.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE Leap	15.0	i586	git-web	< 2.16.4-lp150.2.6.1	git-web-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	x86_64	git-daemon	< 2.16.4-lp150.2.6.1	git-daemon-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	i586	gitk	< 2.16.4-lp150.2.6.1	gitk-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	i586	git-cvs	< 2.16.4-lp150.2.6.1	git-cvs-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	x86_64	git-credential-libsecret	< 2.16.4-lp150.2.6.1	git-credential-libsecret-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	i586	git-debugsource	< 2.16.4-lp150.2.6.1	git-debugsource-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	x86_64	git-gui	< 2.16.4-lp150.2.6.1	git-gui-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	i586	git-svn-debuginfo	< 2.16.4-lp150.2.6.1	git-svn-debuginfo-2.16.4-lp150.2.6.1.i586.rpm
openSUSE Leap	15.0	x86_64	git-svn	< 2.16.4-lp150.2.6.1	git-svn-2.16.4-lp150.2.6.1.x86_64.rpm
openSUSE Leap	15.0	x86_64	git-web	< 2.16.4-lp150.2.6.1	git-web-2.16.4-lp150.2.6.1.x86_64.rpm

Rows per page:

1-10 of 411

References

bugzilla.suse.com/1110949

atlassian 4

nessus 42

prion 1

osv 3

packetstorm 3

ubuntucve 1

openvas 29

centos 2

mageia 1

exploitpack 2

zdt 1

suse 3

debian 2

redhat 4

freebsd 1

checkpoint_advisories 1

oraclelinux 2

fedora 9

ibm 2

cloudfoundry 1

archlinux 1

veracode 1

altlinux 2

metasploit 1

cve 1

alpinelinux 1

amazon 2

redhatcve 1

ubuntu 1

debiancve 1

slackware 1

exploitdb 2

photon 6

kitploit 1

atlassian

Input validation vulnerability via Git in Sourcetree for Windows - CVE-2018-17456

2019-01-23 22:56:09

Input validation vulnerability via Git in Sourcetree for Mac - CVE-2018-17456

2019-01-23 22:43:28

Input validation vulnerability via Git in Sourcetree for Windows - CVE-2018-17456

2019-01-23 22:56:09

nessus

Oracle Linux 6 : git (ELSA-2020-0316)

2020-02-04 00:00:00

SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2018:3150-1)

2019-01-02 00:00:00

EulerOS Virtualization 2.5.3 : git (EulerOS-SA-2019-1183)

2019-04-09 00:00:00

prion

Remote code execution

2018-10-06 14:29:00

osv

git - security update

2018-10-05 00:00:00

git - security update

2018-10-05 00:00:00

CVE-2018-17456

2018-10-06 14:29:00

packetstorm

Malicious Git HTTP Server

2018-11-15 00:00:00

Git Submodule Arbitrary Code Execution

2018-10-08 00:00:00

Git Submodule Arbitrary Code Execution

2018-10-17 00:00:00

ubuntucve

CVE-2018-17456

2018-10-06 00:00:00

openvas

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2019-2389)

2020-01-23 00:00:00

Ubuntu: Security Advisory (USN-3791-1)

2018-10-12 00:00:00

Huawei EulerOS: Security Advisory for git (EulerOS-SA-2019-1291)

2020-01-23 00:00:00

centos

emacs, git, gitk, gitweb, perl security update

2018-11-20 23:41:54

emacs, git, gitk, gitweb, perl security update

2020-02-03 17:18:41

mageia

Updated git packages fix security vulnerability

2018-10-14 03:58:33

exploitpack

Git Submodule - Arbitrary Code Execution (PoC)

2018-10-05 00:00:00

Git Submodule - Arbitrary Code Execution

2018-10-16 00:00:00

zdt

Git Submodule - Arbitrary Code Execution Vulnerability

2018-10-09 00:00:00

suse

Security update for libgit2 (important)

2018-12-08 15:09:50

Security update for git (important)

2018-10-12 12:11:54

Security update for git (moderate)

2020-05-02 00:00:00

debian

[SECURITY] [DSA 4311-1] git security update

2018-10-05 19:29:29

[SECURITY] [DSA 4311-1] git security update

2018-10-05 19:29:29

redhat

(RHSA-2018:3541) Important: rh-git29-git security update

2018-11-12 10:58:59

(RHSA-2020:0316) Important: git security update

2020-02-03 08:18:58

(RHSA-2018:3408) Important: git security update

2018-10-30 14:56:57

freebsd

Libgit2 -- multiple vulnerabilities

2018-10-05 00:00:00

checkpoint_advisories

Git Submodule Remote Code Execution (CVE-2018-17456)

2020-03-01 00:00:00

oraclelinux

git security update

2018-11-09 00:00:00

git security update

2020-02-03 00:00:00

fedora

[SECURITY] Fedora 29 Update: libgit2-0.27.5-1.fc29

2018-10-09 00:08:31

[SECURITY] Fedora 29 Update: git-2.19.1-1.fc29

2018-10-09 00:08:13

[SECURITY] Fedora 28 Update: git-2.17.2-1.fc28

2018-10-10 22:47:45

ibm

Security Bulletin: A vulnerability in git affects PowerKVM

2018-12-17 14:20:01

Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Vulnerability Advisor Kafka and Notification Dispatcher

2019-03-07 20:05:01

cloudfoundry

USN-3791-1: Git vulnerability | Cloud Foundry

2018-10-15 00:00:00

archlinux

[ASA-201810-7] git: arbitrary code execution

2018-10-09 00:00:00

veracode

Remote Code Execution (RCE)

2019-01-15 09:25:29

altlinux

Security fix for the ALT Linux 10 package git version 2.17.2-alt1

2018-09-27 00:00:00

Security fix for the ALT Linux 8 package git version 2.17.2-alt1

2018-09-27 00:00:00

metasploit

Malicious Git HTTP Server For CVE-2018-17456

2018-10-18 03:02:28

cve

CVE-2018-17456

2018-10-06 14:29:00

alpinelinux

CVE-2018-17456

2018-10-06 14:29:00

amazon

Important: git

2018-10-17 22:02:00

Important: git

2018-10-24 16:31:00

redhatcve

CVE-2018-17456

2018-10-05 21:49:09

ubuntu

Git vulnerability

2018-10-12 00:00:00

debiancve

CVE-2018-17456

2018-10-06 14:29:00

slackware

[slackware-security] git

2018-10-11 00:35:23

exploitdb

Git Submodule - Arbitrary Code Execution (PoC)

2018-10-05 00:00:00

Git Submodule - Arbitrary Code Execution

2018-10-16 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0185

2019-11-01 00:00:00

Critical Photon OS Security Update - PHSA-2019-0185

2019-11-01 00:00:00

Critical Photon OS Security Update - PHSA-2019-0036

2019-10-23 00:00:00

kitploit

Trivy - A Simple And Comprehensive Vulnerability Scanner For Containers, Suitable For CI

2019-11-05 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.165 Low

EPSS

Percentile

95.5%

JSON

Related for OPENSUSE-SU-2018:3178-1