- Home
- CVEs with nessus.description==The+remote+host+is+affected+by+the+vulnerability+described+in+GLSA-201709-10+%28Git%3A+Command+injection%29%0A%0A++++Specially+crafted+%26lsquo%3Bssh%3A%2F%2F...%26rsquo%3B+URLs+may+allow+the+owner+of+the+++++++repository+to+execute+arbitrary+commands+on+client%26rsquo%3Bs+machine+if+those+++++++commands+are+already+installed+on+the+client%26rsquo%3Bs+system.+This+is+++++++especially+dangerous+when+the+third-party+repository+has+one+or+more+++++++submodules+with+specially+crafted+%26lsquo%3Bssh%3A%2F%2F...%26rsquo%3B+URLs.+Each+time+the+++++++repository+is+recursively+cloned+or+submodules+are+updated+the+payload+++++++will+be+triggered.%0A++Impact+%3A%0A%0A++++A+remote+attacker%2C+by+enticing+a+user+to+clone+a+specially+crafted+++++++repository%2C+could+possibly+execute+arbitrary+code+with+the+privileges+of+++++++the+process.%0A++Workaround+%3A%0A%0A++++There+is+no+known+workaround+at+this+time
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top