Known Vulnerabilities for products from Git-scm
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Git-scm".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24975 | The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" is... | 7.5 - HIGH | 2022-02-11 | 2022-02-22 |
| CVE-2022-24765 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2022-04-12 | 2023-12-27 |
| CVE-2022-23521 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2023-01-17 | 2023-12-27 |
| CVE-2021-40330 | git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result i... | 7.5 - HIGH | 2021-08-31 | 2022-11-07 |
| CVE-2021-21300 | Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that co... | 7.5 - HIGH | 2021-03-09 | 2023-11-07 |
| CVE-2020-11008 | Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlle... | 7.5 - HIGH | 2020-04-21 | 2023-11-07 |
| CVE-2020-5260 | Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlle... | 7.5 - HIGH | 2020-04-14 | 2023-11-07 |
| CVE-2019-19604 | Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before 2.22.2, 2.23.x before 2.23.... | 7.8 - HIGH | 2019-12-11 | 2023-11-07 |
| CVE-2019-1387 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, an... | 8.8 - HIGH | 2019-12-18 | 2023-11-07 |
| CVE-2019-1353 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, an... | 9.8 - CRITICAL | 2020-01-24 | 2023-11-07 |
| CVE-2019-1348 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, an... | 3.3 - LOW | 2020-01-24 | 2023-11-07 |
| CVE-2018-1000021 | GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems includin... | 8.8 - HIGH | 2018-02-09 | 2018-03-06 |
| CVE-2018-19486 | Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH)... | 9.8 - CRITICAL | 2018-11-23 | 2019-04-11 |
| CVE-2018-17456 | Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before ... | 9.8 - CRITICAL | 2018-10-06 | 2020-08-24 |
| CVE-2018-11235 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code... | 7.8 - HIGH | 2018-05-30 | 2020-05-02 |
| CVE-2018-11233 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to san... | 7.5 - HIGH | 2018-05-30 | 2020-05-02 |
| CVE-2017-1000117 | A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can res... | 8.8 - HIGH | 2017-10-05 | 2023-11-07 |
| CVE-2017-15298 | Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory cons... | 5.5 - MEDIUM | 2017-10-14 | 2020-05-02 |
| CVE-2017-14867 | Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Per... | 8.8 - HIGH | 2017-09-29 | 2023-11-07 |
| CVE-2016-2324 | Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many ne... | 9.8 - CRITICAL | 2016-04-08 | 2023-06-21 |
Known software with vulnerabilities from Git-scm
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Git-scm | Git | 0.01 |