CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2022-24765 – Uncontrolled search for the Git directory in Git for Windows
https://notcve.org/view.php?id=CVE-2022-24765
12 Apr 2022 — Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. • http://seclists.org/fulldisclosure/2022/May/31 • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-23632 – Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2021-23632
17 Mar 2022 — All versions of package git are vulnerable to Remote Code Execution (RCE) due to missing sanitization in the Git.git method, which allows execution of OS commands rather than just git commands. Steps to Reproduce 1. Create a file named exploit.js with the following content: js var Git = require("git").Git; var repo = new Git("repo-test"); var user_input = "version; date"; repo.git(user_input, function(err, result) { console.log(result); }) 2. In the same directory as exploit.js, run npm install git. 3. Run ... • https://snyk.io/vuln/SNYK-JS-GIT-1568518 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2CVE-2022-24975
https://notcve.org/view.php?id=CVE-2022-24975
11 Feb 2022 — The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option. Note: This has been disputed by multiple 3rd parties who believe this is an intended feature of the git binary and does not pose a security risk. La documentación --mirror para Git versiones hasta 2.35.1, no menciona la disponibilidad del contenid... • https://github.com/git/git/blob/2dc94da3744bfbbf145eca587a0f5ff480cc5867/Documentation/git-clone.txt#L185-L191 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-46101
https://notcve.org/view.php?id=CVE-2021-46101
31 Jan 2022 — In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly. En Git para windows versiones hasta 2.34.1, cuando es usado git pull para actualizar el almacén local, puede ejecutarse directamente git.cmd • https://github.com/0xADY/git_rce •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-34599 – Improper Certificate Validation in CODESYS Git
https://notcve.org/view.php?id=CVE-2021-34599
01 Dec 2021 — Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certificate of the server to which the connection is made is not properly verified, the server connection is vulnerable to a man-in-the-middle attack. Las versiones afectadas de CODESYS Git en Versiones anteriores a V1.1.0.0, carecen de l... • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16959&token=3ce11e44a3277c4520d732ea2e630f2e06bd46ff&download • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21684 – jenkins-2-plugins/git: stored XSS vulnerability
https://notcve.org/view.php?id=CVE-2021-21684
06 Oct 2021 — Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability. El plugin Git de Jenkins versiones 4.8.2 y anteriores, no escapa a los parámetros de suma de comprobación Git SHA-1 proporcionados a las notificaciones de commit cuando se muestran en una causa de construcción, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado... • http://www.openwall.com/lists/oss-security/2021/10/06/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-116: Improper Encoding or Escaping of Output •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40330 – Ubuntu Security Notice USN-5076-1
https://notcve.org/view.php?id=CVE-2021-40330
31 Aug 2021 — git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. La función git_connect_git en el archivo connect.c en Git versiones anteriores a 2.30.1, permite que la ruta de un repositorio contenga un carácter de nueva línea, que puede resultar en peticiones inesperadas entre protocolos, como es demostrado en la subcadena g... • https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29468 – Arbitrary code execution when checking out an attacker-controlled Git branch
https://notcve.org/view.php?id=CVE-2021-29468
29 Apr 2021 — Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream... • https://cygwin.com/pipermail/cygwin-announce/2021-April/010018.html • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 69%CPEs: 21EXPL: 15CVE-2021-21300 – malicious repositories can execute remote code while cloning
https://notcve.org/view.php?id=CVE-2021-21300
09 Mar 2021 — Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is theref... • https://packetstorm.news/files/id/163978 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0CVE-2020-11008 – Malicious URLs can still cause Git to send a stored credential to the wrong server
https://notcve.org/view.php?id=CVE-2020-11008
21 Apr 2020 — Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafte... • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html • CWE-20: Improper Input Validation CWE-522: Insufficiently Protected Credentials •