Описание
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | git | Not affected | ||
| Red Hat Enterprise Linux 7 | git | Not affected | ||
| Red Hat Enterprise Linux 8 | git | Not affected | ||
| Red Hat Software Collections | rh-git29-git | Not affected | ||
| Red Hat Software Collections for Red Hat Enterprise Linux 7 | rh-git218-git | Fixed | RHSA-2018:3800 | 10.12.2018 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.4 EUS | rh-git218-git | Fixed | RHSA-2018:3800 | 10.12.2018 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.5 EUS | rh-git218-git | Fixed | RHSA-2018:3800 | 10.12.2018 |
| Red Hat Software Collections for Red Hat Enterprise Linux 7.6 EUS | rh-git218-git | Fixed | RHSA-2018:3800 | 10.12.2018 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017.
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017.
Git before 2.19.2 on Linux and UNIX executes commands from the current ...
7.5 High
CVSS3