Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git project git vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-22284
A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows malicious users to access sensitive information via a crafted 6LoWPAN packet.
Lwip Project Lwip 2.1.2
5
CVSSv2
CVE-2020-22283
A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows malicious users to access sensitive information via a crafted ICMPv6 packet.
Lwip Project Lwip -
5
CVSSv2
CVE-2020-5260
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provide...
Git Git
Git-scm Git
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Fedoraproject Fedora 32
2 Github repositories
5
CVSSv2
CVE-2018-19585
GitLab CE/EE versions 8.18 up to 11.x prior to 11.3.11, 11.4.x prior to 11.4.8, and 11.5.x prior to 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.
Gitlab Gitlab
5 Github repositories
5
CVSSv2
CVE-2018-14912
cgit_clone_objects in CGit prior to 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request.
Cgit Project Cgit
Debian Debian Linux 9.0
Debian Debian Linux 8.0
1 EDB exploit
5
CVSSv2
CVE-2018-10857
git-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN.
Git-annex Project Git-annex -
Debian Debian Linux 8.0
5
CVSSv2
CVE-2018-10859
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored i...
Git-annex Project Git-annex -
Debian Debian Linux 8.0
5
CVSSv2
CVE-2016-10129
The Git Smart Protocol support in libgit2 prior to 0.24.6 and 0.25.x prior to 0.25.1 allows remote malicious users to cause a denial of service (NULL pointer dereference) via an empty packet line.
Libgit2 Project Libgit2 0.25.0
Libgit2 Project Libgit2
4.6
CVSSv2
CVE-2021-21237
Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file in the current directory, that program would be executed, permitting the malicious user to execute arbitrary code. This ...
Git Large File Storage Project Git Large File Storage
4.6
CVSSv2
CVE-2017-1000451
fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on child_process.exec, however, the buildCommand method used to construct exec strings does not properly sanitize data and is vulnerable to command injection across all methods that use it...
Fs-git Project Fs-git
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »