| CVE-2019-1387 |
AVG-1075 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 where recursive clones are currently affected by a vulnerability that is caused by too-lax validation... |
| CVE-2019-1352 |
AVG-1075 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 where it was unaware of NTFS Alternate Data Streams, allowing files inside the .git/ directory to be... |
| CVE-2019-1349 |
AVG-1075 |
Medium |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 when using submodule paths that refer to the same file system entity (e.g. using the NTFS Alternate... |
| CVE-2019-1348 |
AVG-1075 |
High |
Yes |
Arbitrary code execution |
A security issue has been found in git before 2.24.1 where the --export-marks option of git fast-import is exposed also via the in- stream command feature... |
| CVE-2016-10130 |
AVG-131 |
High |
Yes |
Insufficient validation |
An issue has been discovered when checking certificate validity before clobbering the error variable. A valid parameter is provided to indicate whether the... |
| CVE-2016-10129 |
AVG-131 |
Medium |
Yes |
Denial of service |
The Git protocol does not specify what should happen in the case of an empty packet line (that is a packet line "0004"). currently it indicates success, but... |
| CVE-2016-10128 |
AVG-131 |
High |
Yes |
Arbitrary code execution |
Each packet line in the Git protocol is prefixed by a four-byte length of how much data will follow, which we parse in `git_pkt_parse_line`. The transmitted... |
| CVE-2016-8569 |
AVG-45 |
Low |
Yes |
Denial of service |
A null pointer dereference has been discovered while showing a malformed object file. |
| CVE-2016-8568 |
AVG-45 |
Low |
Yes |
Denial of service |
A heap-based read out-of-bounds access has been discovered while parsing a malformed object file. |