Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-22743
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading sai...
Git For Windows Project Git For Windows
445
VMScore
CVE-2021-40330
git_connect_git in connect.c in Git prior to 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
Git-scm Git
Debian Debian Linux 10.0
668
VMScore
CVE-2019-10776
In "index.js" file line 240, the run command executes the git command with a user controlled variable called remoteUrl. This affects git-diff-apply all versions before 0.22.2.
Git-diff-apply Project Git-diff-apply
580
VMScore
CVE-2019-10392
Jenkins Git Client Plugin 2.8.4 and previous versions and 3.0.0-rc did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
Jenkins Git Client 3.0.0
Jenkins Git Client
2 Github repositories
NA
CVE-2023-26134
Versions of the package git-commit-info prior to 2.0.2 are vulnerable to Command Injection such that the package-exported method gitCommitInfo () fails to sanitize its parameter commit, which later flows into a sensitive command execution API. As a result, attackers may inject ma...
Git-commit-info Project Git-commit-info
NA
CVE-2023-29012
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed `doskey.exe` would be executed silently upon running Git ...
Git For Windows Project Git For Windows
NA
CVE-2023-23618
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick u...
Git For Windows Project Git For Windows
668
VMScore
CVE-2020-7630
git-add-remote up to and including 1.0.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the name argument.
Git-add-remote Project Git-add-remote
NA
CVE-2023-33290
The git-url-parse crate up to and including 0.4.4 for Rust allows Regular Expression Denial of Service (ReDos) via a crafted URL to normalize_url in lib.rs, a similar issue to CVE-2023-32758 (Python).
Git-url-parse Project Git-url-parse
668
VMScore
CVE-2021-3028
git-big-picture prior to 1.0.0 mishandles ' characters in a branch name, leading to code execution.
Git-big-picture Project Git-big-picture
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »