Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
git git vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2022-31012
Git for Windows is a fork of Git that contains Windows-specific patches. This vulnerability in versions before 2.37.1 lets Git for Windows' installer execute a binary into `C:\mingw64\bin\git.exe` by mistake. This only happens upon a fresh install, not when upgrading Git for...
Gitforwindows Git
7.5
CVSSv3
CVE-2021-46101
In Git for windows up to and including 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly.
Gitforwindows Git
8.8
CVSSv3
CVE-2021-29468
Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a reposito...
Cygwin Git
7.4
CVSSv3
CVE-2021-34599
Affected versions of CODESYS Git in Versions prior to V1.1.0.0 lack certificate validation in HTTPS handshakes. CODESYS Git does not implement certificate validation by default, so it does not verify that the server provides a valid and trusted HTTPS certificate. Since the certif...
Codesys Git
5.4
CVSSv3
CVE-2020-2136
Jenkins Git Plugin 4.2.0 and previous versions does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability.
Jenkins Git
6.1
CVSSv3
CVE-2021-21684
Jenkins Git Plugin 4.8.2 and previous versions does not escape the Git SHA-1 checksum parameters provided to commit notifications when displaying them in a build cause, resulting in a stored cross-site scripting (XSS) vulnerability.
Jenkins Git
5.3
CVSSv3
CVE-2022-36884
The webhook endpoint in Jenkins Git Plugin 4.11.3 and previous versions provide unauthenticated attackers information about the existence of jobs configured to use an attacker-specified Git repository.
Jenkins Git
8.8
CVSSv3
CVE-2022-36882
A cross-site request forgery (CSRF) vulnerability in Jenkins Git Plugin 4.11.3 and previous versions allows malicious users to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
Jenkins Git
7.5
CVSSv3
CVE-2022-36883
A missing permission check in Jenkins Git Plugin 4.11.3 and previous versions allows unauthenticated malicious users to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit.
Jenkins Git
7.5
CVSSv3
CVE-2020-5260
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provide...
Git Git
Git-scm Git
Debian Debian Linux 8.0
Canonical Ubuntu Linux 16.04
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Fedoraproject Fedora 30
Opensuse Leap 15.1
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 31
Fedoraproject Fedora 32
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »