CVSS: 8.8EPSS: 2%CPEs: 1EXPL: 0CVE-2010-2542 – Gentoo Linux Security Advisory 201401-06
https://notcve.org/view.php?id=CVE-2010-2542
11 Aug 2010 — Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy. Desbordamiento de búfer basado en pila en la función is_git_directory en setup.c en Git anterior v1.7.2.1 permite a usuarios locales obtener privilegios a través de un gitdir grande: campo en un fichero .git en una acción copia. A stack-based buffer overflow in Git might allow a local attacker to gain escalated privileg... • http://git.kernel.org/?p=git/git.git%3Ba=commit%3Bh=3c9d0414ed2db0167e6c828b547be8fc9f88fccc • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 117EXPL: 0CVE-2008-5516
https://notcve.org/view.php?id=CVE-2008-5516
20 Jan 2009 — The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search. La interfaz web en git (gitweb) versiones 1.5.x anteriores a 1.5.5, permite a atacantes remotos ejecutar comandos arbitrarios mediante metacaracteres de shell relacionados con git_search. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512330 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 6%CPEs: 13EXPL: 0CVE-2006-0477
https://notcve.org/view.php?id=CVE-2006-0477
31 Jan 2006 — Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link. • http://lwn.net/Articles/169623 •