| CVE-2022-29187 |
AVG-2778 |
Unknown |
Unknown |
Unknown |
Unknown |
| CVE-2022-24765 |
AVG-2679 |
Medium |
No |
Arbitrary command execution |
A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands... |
| CVE-2021-21300 |
AVG-1665 |
Low |
Yes |
Arbitrary code execution |
In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may... |
| CVE-2020-11008 |
AVG-1138 |
High |
Yes |
Information disclosure |
A vulnerability has been found in git before 2.26.2. With a crafted URL that contains a newline or empty host, or lacks a scheme, the credential helper... |
| CVE-2020-5260 |
AVG-1133 |
High |
Yes |
Information disclosure |
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses... |
| CVE-2019-19604 |
AVG-1073 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1, and it is now disallowed for `.gitmodules` to have entries that set... |
| CVE-2019-1387 |
AVG-1073 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 where recursive clones are currently affected by a vulnerability that is caused by too-lax validation... |
| CVE-2019-1354 |
AVG-1074 |
High |
Yes |
Arbitrary code execution |
Filenames on Linux/Unix can contain backslashes. On Windows, backslashes are directory separators. Git did not use to refuse to write out tracked files with... |
| CVE-2019-1353 |
AVG-1074 |
Medium |
Yes |
Arbitrary code execution |
When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none of the NTFS... |
| CVE-2019-1352 |
AVG-1073 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 where it was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be... |
| CVE-2019-1351 |
AVG-1074 |
Medium |
Yes |
Arbitrary code execution |
While the only permitted drive letters for physical drives on Windows are letters of the US-English alphabet, this restriction does not apply to virtual... |
| CVE-2019-1350 |
AVG-1074 |
Medium |
Yes |
Arbitrary code execution |
Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs. |
| CVE-2019-1349 |
AVG-1073 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 when using submodule paths that refer to the same file system entity (e.g. using the NTFS Alternate... |
| CVE-2019-1348 |
AVG-1073 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 where the --export-marks option of git fast-import is exposed also via the in- stream command feature... |
| CVE-2018-17456 |
AVG-776 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in git versions prior to 2.19.1, which allows an attacker to execute arbitrary code by crafting a malicious .gitmodules file... |
| CVE-2018-11235 |
AVG-711 |
Critical |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.17.1. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that... |
| CVE-2018-11233 |
AVG-711 |
Medium |
Yes |
Information disclosure |
A security issue has been found in git before 2.17.1, where the code that sanify-check paths in is_ntfs_dotgit() could have been tricked into reading random... |
| CVE-2017-1000117 |
AVG-377 |
Critical |
Yes |
Arbitrary command execution |
A security issue has been found in git < 2.14.1. A malicious third- party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to... |
| CVE-2017-8386 |
AVG-267 |
High |
Yes |
Access restriction bypass |
A security issue has been found in git < 2.12.3, allowing a remote restricted user to execute an interactive pager on the server by causing it to spawn "git... |