CVE-2014-9938

Опубликовано: 20 мар. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 6.8

CVSS3: 8.8

Описание

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.

Релиз	Статус	Примечание
devel	not-affected
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1:1.9.1-1ubuntu0.4]]
esm-infra/xenial	not-affected	1:2.7.4-0ubuntu1
precise	not-affected	1:1.7.9.5-1ubuntu0.3
trusty	released	1:1.9.1-1ubuntu0.4
trusty/esm	DNE	trusty was released [1:1.9.1-1ubuntu0.4]
upstream	released	1:2.0.0~rc2-1
vivid/stable-phone-overlay	DNE
vivid/ubuntu-core	DNE
xenial	not-affected	1:2.7.4-0ubuntu1

Показывать по

Ссылки на источники

EPSS

Процентиль: 76%

0.01016

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2014-9938

CVSS3: 7.8

redhat

больше 11 лет назад

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.

CVE-2014-9938

CVSS3: 8.8

nvd

больше 8 лет назад

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.

CVE-2014-9938

CVSS3: 8.8

debian

больше 8 лет назад

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize ...

GHSA-6vhm-rfmv-gf4j

CVSS3: 8.8

github

больше 3 лет назад

contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution.

ELSA-2017-2004

oracle-oval

больше 8 лет назад

ELSA-2017-2004: git security and bug fix update (MODERATE)

EPSS

Процентиль: 76%

0.01016

Низкий

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2014-9938

Описание

Пакет git

Ссылки на источники

Связанные уязвимости