Page 6 of 49 results (0.006 seconds)

CVSS: 8.0EPSS: 85%CPEs: 21EXPL: 12

Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a case-insensitive file system such as NTFS, HFS+ or APFS (i.e. the default file systems on Windows and macOS). Note that clean/smudge filters have to be configured for that. Git for Windows configures Git LFS by default, and is therefore vulnerable. The problem has been patched in the versions published on Tuesday, March 9th, 2021. • https://github.com/AlkenePan/CVE-2021-21300 https://github.com/Maskhe/CVE-2021-21300 https://github.com/1uanWu/CVE-2021-21300 https://github.com/Roboterh/CVE-2021-21300 https://github.com/Saboor-Hakimi-23/CVE-2021-21300 https://github.com/Kirill89/CVE-2021-21300 https://github.com/erranfenech/CVE-2021-21300 https://github.com/fengzhouc/CVE-2021-21300 https://github.com/danshuizhangyu/CVE-2021-21300 https://github.com/Faisal78123/CVE-2021-21300 http://packetstormsecurity. • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 7.5EPSS: 0%CPEs: 16EXPL: 0

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q). The fix for that bug still left the door open for an exploit where _some_ credential is leaked (but the attacker cannot control which one). Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that are considered illegal as of the recently published Git versions can cause Git to send a "blank" pattern to helpers, missing hostname and protocol fields. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://seclists.org/fulldisclosure/2020/May/41 https://github.com/git/git/commit/c44088ecc4b0722636e0a305f9608d3047197282 https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7 https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q https://lists.debian.org/debian-lts-announce/2020/04/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNW • CWE-20: Improper Input Validation CWE-522: Insufficiently Protected Credentials •

CVSS: 9.3EPSS: 0%CPEs: 20EXPL: 2

Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. • https://github.com/sv3nbeast/CVE-2020-5260 https://github.com/Asgavar/CVE-2020-5260 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html http://www.openwall.com/lists/oss-security/2020/04/15/5 http://www.openwall.com/lists/oss-security/2020/04/15/6 http://www.openwall.com/lists/oss-security&#x • CWE-20: Improper Input Validation CWE-522: Insufficiently Protected Credentials •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability. Jenkins Git Plugin versiones 4.2.0 y anteriores, no escapa al mensaje de error de la URL del repositorio para la comprobación del formulario del campo TFS de Microsoft, resultando en una vulnerabilidad de tipo cross-site scripting almacenado. • http://www.openwall.com/lists/oss-security/2020/03/09/1 https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1723 https://access.redhat.com/security/cve/CVE-2020-2136 https://bugzilla.redhat.com/show_bug.cgi?id=1819074 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.3EPSS: 0%CPEs: 10EXPL: 1

Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.1, and 2.24.x before 2.24.1 because a "git submodule update" operation can run commands found in the .gitmodules file of a malicious repository. Una ejecución de comandos arbitrarios es posible en Git versiones anteriores a 2.20.2, versiones 2.21.x anteriores a 2.21.1, versiones 2.22.x anteriores a 2.22.2, versiones 2.23.x anteriores a 2.23.1 y versiones 2.24.x anteriores a 2.24.1, porque una operación "git submodule update" puede ejecutar comandos encontrados en el archivo .gitmodules de un repositorio malicioso. • http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html http://www.openwall.com/lists/oss-security/2019/12/13/1 https://gitlab.com/gitlab-com/gl-security/disclosures/blob/master/003_git_submodule/advisory.md https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCYSSCA5ZTEP46SB4XRPSQGFV2L3NKMZ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/mes • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-862: Missing Authorization •