- Home
- CVEs with nessus.description==The version of Git for Windows installed on the remote host is version 2.7.x prior to 2.7.6, 2.8.x prior to 2.8.6, 2.9.x prior to 2.9.5, 2.10.x prior to 2.10.4, 2.11.x prior to 2.11.13, 2.12.x prior to 2.12.4, 2.13.x prior to 2.13.5, or 2.14.x prior to 2.14.1. It is, therefore, affected by a command execution vulnerability due to a flaw in the handling of 'ssh://' URLs that begin with a dash. A maliciously crafted 'ssh://' URL causes Git clients to run an arbitrary shell command. Such a URL could be placed in the .gitmodules file of a malicious project, and an unsuspecting victim could be tricked into running 'git clone --recurse-submodules' to trigger the vulnerability.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top