- Home
- CVEs with nessus.description==According+to+the+versions+of+the+git+package+installed%2C+the+EulerOS+installation+on+the+remote+host+is+affected+by+the+following+vulnerabilities+%3A%0A%0A++-+It+was+found+that+the+git-prompt.sh+script+shipped+with+++++git+failed+to+correctly+handle+branch+names+containing+++++special+characters.+A+specially+crafted+git+repository+++++could+use+this+flaw+to+execute+arbitrary+commands+if+a+++++user+working+with+the+repository+configured+their+shell+++++to+include+repository+information+in+the+prompt.%0A++++%28CVE-2014-9938%29%0A%0A++-+A+flaw+was+found+in+the+way+git-shell+handled+++++command-line+options+for+the+restricted+set+of+++++git-shell+commands.+A+remote%2C+authenticated+attacker+++++could+use+this+flaw+to+bypass+git-shell+restrictions%2C+++++to+view+and+manipulate+files%2C+by+abusing+the+instance+++++of+the+less+command+launched+using+crafted+command-line+++++options.+%28CVE-2017-8386%29%0A%0A++-+A+shell+command+injection+flaw+related+to+the+handling+++++of+%27%27ssh%27%27+URLs+has+been+discovered+in+Git.+An+attacker+++++could+use+this+flaw+to+execute+shell+commands+with+the+++++privileges+of+the+user+running+the+Git+client%2C+for+++++example%2C+when+performing+a+%27%27clone%27%27+action+on+a+++++malicious+repository+or+a+legitimate+repository+++++containing+a+malicious+commit.+%28CVE-2017-1000117%29%0A%0ANote+that+Tenable+Network+Security+has+extracted+the+preceding+description+block+directly+from+the+EulerOS+security+advisory.+Tenable+has+attempted+to+automatically+clean+and+format+it+as+much+as+possible+without+introducing+additional+issues
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top