Описание
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:2.17.1-1ubuntu0.3 |
| devel | released | 1:2.19.1-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1:1.9.1-1ubuntu0.9]] |
| esm-infra/bionic | released | 1:2.17.1-1ubuntu0.3 |
| esm-infra/xenial | released | 1:2.7.4-0ubuntu1.5 |
| precise/esm | DNE | |
| trusty | released | 1:1.9.1-1ubuntu0.9 |
| trusty/esm | DNE | trusty was released [1:1.9.1-1ubuntu0.9] |
| upstream | released | 1:2.19.1-1 |
| xenial | released | 1:2.7.4-0ubuntu1.5 |
Показывать по
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.
Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x ...
EPSS
7.5 High
CVSS2
9.8 Critical
CVSS3