Описание
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
Ссылки
- Exploit
- Exploit
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Конфигурация 2Версия до 0.9.8 (включая)
cpe:2.3:a:dulwich_project:dulwich:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02765
Низкий
7.5 High
CVSS2
Дефекты
CWE-19
Связанные уязвимости
ubuntu
почти 11 лет назад
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
debian
почти 11 лет назад
The build_index_from_tree function in index.py in Dulwich before 0.9.9 ...
CVSS3: 9.8
github
больше 3 лет назад
Dulwich Arbitrary code execution via commit with directory path starting with .git
EPSS
Процентиль: 86%
0.02765
Низкий
7.5 High
CVSS2
Дефекты
CWE-19