- Home
- CVEs with nessus.description==An+update+for+git+is+now+available+for+Red+Hat+Enterprise+Linux+7.%0A%0ARed+Hat+Product+Security+has+rated+this+update+as+having+a+security+impact+of+Important.+A+Common+Vulnerability+Scoring+System+%28CVSS%29+base+score%2C+which+gives+a+detailed+severity+rating%2C+is+available+for+each+vulnerability+from+the+CVE+link%28s%29+in+the+References+section.%0A%0AGit+is+a+distributed+revision+control+system+with+a+decentralized+architecture.+As+opposed+to+centralized+version+control+systems+with+a+client-server+model%2C+Git+ensures+that+each+working+copy+of+a+Git+repository+is+an+exact+copy+with+complete+revision+history.+This+not+only+allows+the+user+to+work+on+and+contribute+to+projects+without+the+need+to+have+permission+to+push+the+changes+to+their+official+repositories%2C+but+also+makes+it+possible+for+the+user+to+work+with+no+network+connection.%0A%0ASecurity+Fix%28es%29+%3A%0A%0A%2A+A+shell+command+injection+flaw+related+to+the+handling+of+%27ssh%27+URLs+has+been+discovered+in+Git.+An+attacker+could+use+this+flaw+to+execute+shell+commands+with+the+privileges+of+the+user+running+the+Git+client%2C+for+example%2C+when+performing+a+%27clone%27+action+on+a+malicious+repository+or+a+legitimate+repository+containing+a+malicious+commit.%0A%28CVE-2017-1000117%29
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top