
CVE-2017-17831 – SourceTree Remote Command Injection
https://notcve.org/view.php?id=CVE-2017-17831
21 Dec 2017 — GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository. Sourcetree for macOS v... • http://blog.recurity-labs.com/2017-08-10/scm-vulns • CWE-20: Improper Input Validation •

CVE-2017-15298 – Ubuntu Security Notice USN-3829-1
https://notcve.org/view.php?id=CVE-2017-15298
14 Oct 2017 — Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html • CWE-400: Uncontrolled Resource Consumption •

CVE-2017-14867 – Ubuntu Security Notice USN-3438-1
https://notcve.org/view.php?id=CVE-2017-14867
28 Sep 2017 — Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name. The vulnerable code is reachable via git-shell even without CVS support. • http://www.openwall.com/lists/oss-security/2017/09/26/9 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVE-2017-12976
https://notcve.org/view.php?id=CVE-2017-12976
20 Aug 2017 — git-annex before 6.20170818 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, as demonstrated by an ssh://-eProxyCommand= URL, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-1000116, and CVE-2017-1000117. • http://source.git-annex.branchable.com/?p=source.git%3Ba=blob%3Bf=doc/bugs/dashed_ssh_hostname_security_hole.mdwn • CWE-20: Improper Input Validation •

CVE-2017-1000117 – Malicious Git HTTP Server For CVE-2017-1000117
https://notcve.org/view.php?id=CVE-2017-1000117
10 Aug 2017 — A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running "git clone --recurse-submodules" to trigger the vulnerability. • https://packetstorm.news/files/id/143965 • CWE-20: Improper Input Validation • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVE-2017-8386 – git: Escape out of git-shell
https://notcve.org/view.php?id=CVE-2017-8386
10 May 2017 — git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character. • https://github.com/suz1n/WHS3_vulhub •

CVE-2014-9938 – git: git-prompt.sh does not sanitize branch names in $PS1
https://notcve.org/view.php?id=CVE-2014-9938
20 Mar 2017 — contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution. It was found that the git-prompt.sh script shipped with git failed to correctly handle branch names containing special characters. A specially crafted ... • https://access.redhat.com/errata/RHSA-2017:2004 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') • CWE-116: Improper Encoding or Escaping of Output •

CVE-2016-9274
https://notcve.org/view.php?id=CVE-2016-9274
11 Nov 2016 — Untrusted search path vulnerability in Git 1.x for Windows allows local users to gain privileges via a Trojan horse git.exe file in the current working directory. NOTE: 2.x is unaffected. • http://www.securityfocus.com/bid/94289 • CWE-426: Untrusted Search Path •

CVE-2016-2315 – git: path_name() integer truncation and overflow leading to buffer overflow
https://notcve.org/view.php?id=CVE-2016-2315
16 Mar 2016 — revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183147.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-194: Unexpected Sign Extension •

CVE-2016-2324 – git: path_name() integer truncation and overflow leading to buffer overflow
https://notcve.org/view.php?id=CVE-2016-2324
16 Mar 2016 — Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow. An integer truncation flaw and an integer overflow flaw, both... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183147.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-194: Unexpected Sign Extension •