CVE search results

1 – 10 of 10 results

Detailed view

Sort by:

CVE-2014-9390

Medium priority

Some fixes available 26 of 41

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before...

5 affected packages

git, git-core, jgit, libgit2, mercurial

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git	Fixed	Fixed	Fixed	Fixed	Fixed
git-core	Not in release	Not in release	Not in release	Not in release	Not in release
jgit	Not affected	Not affected	Not affected	Not affected	Not affected
libgit2	Not affected	Not affected	Not affected	Not affected	Not affected
mercurial	Not affected	Not affected	Not affected	Not affected	Not affected

CVE-2013-0308

Medium priority

Ignored

The imap-send command in GIT before 1.8.1.4 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle...

2 affected packages

git, git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git	—	—	—	—	—
git-core	—	—	—	—	—

CVE-2010-3906

Medium priority

Some fixes available 3 of 5

Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.

2 affected packages

git, git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git	—	—	—	—	—
git-core	—	—	—	—	—

CVE-2010-2542

Medium priority

Ignored

Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows local users to gain privileges via a long gitdir: field in a .git file in a working copy.

2 affected packages

git, git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git	—	—	—	—	—
git-core	—	—	—	—	—

CVE-2009-2108

Low priority

Ignored

git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments.

2 affected packages

git, git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git	—	—	—	—	—
git-core	—	—	—	—	—

CVE-2008-5916

Medium priority

Fixed

gitweb/gitweb.perl in gitweb in Git 1.6.x before 1.6.0.6, 1.5.6.x before 1.5.6.6, 1.5.5.x before 1.5.5.6, 1.5.4.x before 1.5.4.7, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands...

1 affected package

git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git-core	—	—	—	—	—

CVE-2008-5516

Medium priority

Fixed

The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.

1 affected package

git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git-core	—	—	—	—	—

CVE-2008-5517

Medium priority

Fixed

The web interface in git (gitweb) 1.5.x before 1.5.6 allows remote attackers to execute arbitrary commands via shell metacharacters related to (1) git_snapshot and (2) git_object.

1 affected package

git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git-core	—	—	—	—	—

CVE-2008-3546

Low priority

Some fixes available 4 of 5

Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running...

1 affected package

git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git-core	—	—	—	—	—

CVE-2006-0477

Unknown priority

Fixed

Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.

1 affected package

git-core

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
git-core	—	—	—	—	—

Search CVE reports