CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-34599 – Improper Certificate Validation in CODESYS Git
https://notcve.org/view.php?id=CVE-2021-34599
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certificate of the server to which the connection is made is not properly verified, the server connection is vulnerable to a man-in-the-middle attack. Las versiones afectadas de CODESYS Git en Versiones anteriores a V1.1.0.0, carecen de la comprobación de certificados en los protocolos de enlace HTTPS. CODESYS Git no implementa la comprobación de certificados por defecto, por lo que no comprueba que el servidor proporcione un certificado HTTPS válido y confiable. • https://customers.codesys.com/index.php?eID=dumpFile&t=f&f=16959&token=3ce11e44a3277c4520d732ea2e630f2e06bd46ff&download • CWE-295: Improper Certificate Validation •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21684 – jenkins-2-plugins/git: stored XSS vulnerability
https://notcve.org/view.php?id=CVE-2021-21684
Jenkins Git Plugin 4.8.2 and earlier does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability. El plugin Git de Jenkins versiones 4.8.2 y anteriores, no escapa a los parámetros de suma de comprobación Git SHA-1 proporcionados a las notificaciones de commit cuando se muestran en una causa de construcción, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado A stored cross-site scripting (XSS) vulnerability was found in the Jenkins Git plugin. Due to not escaping the Git SHA-1 checksum parameters provided to commit notifications, an attacker is able to submit crafted commit notifications to the `/git/notifyCommit` endpoint. • http://www.openwall.com/lists/oss-security/2021/10/06/1 https://www.jenkins.io/security/advisory/2021-10-06/#SECURITY-2499 https://access.redhat.com/security/cve/CVE-2021-21684 https://bugzilla.redhat.com/show_bug.cgi?id=2011949 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-116: Improper Encoding or Escaping of Output •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-40330
https://notcve.org/view.php?id=CVE-2021-40330
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. La función git_connect_git en el archivo connect.c en Git versiones anteriores a 2.30.1, permite que la ruta de un repositorio contenga un carácter de nueva línea, que puede resultar en peticiones inesperadas entre protocolos, como es demostrado en la subcadena git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 • https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473 https://github.com/git/git/compare/v2.30.0...v2.30.1 https://lists.debian.org/debian-lts-announce/2022/10/msg00014.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-29468 – Arbitrary code execution when checking out an attacker-controlled Git branch
https://notcve.org/view.php?id=CVE-2021-29468
Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone or pull from repositories from untrusted sources. • https://cygwin.com/pipermail/cygwin-announce/2021-April/010018.html https://github.com/me-and/Cygwin-Git/blob/main/check-backslash-safety.patch https://github.com/me-and/Cygwin-Git/security/advisories/GHSA-rmp3-wq55-f557 https://lore.kernel.org/git/CA+kUOa=juEdBMVr_gyTKjz7PkPt2DZHkXQyzcQmAWCsEHC_ssw%40mail.gmail.com/T/#u • CWE-20: Improper Input Validation •
CVSS: 8.0EPSS: 89%CPEs: 21EXPL: 12CVE-2021-21300 – malicious repositories can execute remote code while cloning
https://notcve.org/view.php?id=CVE-2021-21300
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. • https://github.com/AlkenePan/CVE-2021-21300 https://github.com/Maskhe/CVE-2021-21300 https://github.com/1uanWu/CVE-2021-21300 https://github.com/Roboterh/CVE-2021-21300 https://github.com/Saboor-Hakimi-23/CVE-2021-21300 https://github.com/Kirill89/CVE-2021-21300 https://github.com/erranfenech/CVE-2021-21300 https://github.com/fengzhouc/CVE-2021-21300 https://github.com/danshuizhangyu/CVE-2021-21300 https://github.com/Faisal78123/CVE-2021-21300 http://packetstormsecurity. • CWE-59: Improper Link Resolution Before File Access ('Link Following') •