Git Gitforwindows Git

Do you want an email whenever new security vulnerabilities are reported in Gitforwindows Git?

By the Year

In 2022 there have been 1 vulnerability in Gitforwindows Git with an average score of 7.5 out of ten. Git did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2022 as compared to last year.

Year Vulnerabilities Average Score
2022 1 7.50
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 7.80

It may take a day or so for new Git vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Gitforwindows Git Security Vulnerabilities

In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd

CVE-2021-46101 7.5 - High - January 31, 2022

In Git for windows through 2.34.1 when using git pull to update the local warehouse, git.cmd can be run directly.

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution

CVE-2018-11235 7.8 - High - May 30, 2018

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server.

Directory traversal

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Enterprise Linux Workstation or by Gitforwindows? Click the Watch button to subscribe.

subscribe