Описание
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | jgit | Will not fix | ||
| Red Hat Enterprise Linux 6 | git | Will not fix | ||
| Red Hat Enterprise Linux 7 | git | Will not fix | ||
| Red Hat JBoss A-MQ 6 | fabric8 | Will not fix | ||
| Red Hat JBoss BRMS 6 | jgit | Will not fix | ||
| Red Hat JBoss Data Virtualization 6 | jgit | Will not fix | ||
| Red Hat JBoss Fuse 6 | camel | Will not fix | ||
| Red Hat JBoss Fuse Service Works 6 | jgit | Will not fix | ||
| Red Hat Mobile Application Platform 4 | fh-scm | Will not fix | ||
| Red Hat Software Collections | rh-git29-git | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk.
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk.
Git through 2.14.2 mishandles layers of tree objects, which allows rem ...
Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk.
EPSS
3.3 Low
CVSS3