Security: git/git
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Arbitrary configuration injection via `git submodule deinit`GHSA-v48j-4xgg-4844 published
Apr 25, 2023 by ttaylorrHigh -
"git apply --reject" partially-controlled arbitrary file writeGHSA-2hvf-7c8p-28fx published
Apr 25, 2023 by ttaylorrModerate -
"git apply" overwriting paths outside the working treeGHSA-r87m-v37r-cwfh published
Feb 14, 2023 by ttaylorrHigh -
Local clone-based data exfiltration with non-local transportsGHSA-gw92-x3fm-3g3q published
Feb 14, 2023 by ttaylorrModerate -
gitattributes parsing integer overflowGHSA-c738-c5qq-xg89 published
Jan 17, 2023 by ttaylorrCritical -
Heap overflow in `git archive`, `git log --format` leading to RCEGHSA-475x-2q3q-hvwq published
Jan 17, 2023 by ttaylorrCritical -
Heap overflow in `git shell` leading to RCEGHSA-rjr6-wcq6-83p6 published
Oct 18, 2022 by ttaylorrHigh -
Local clone optimization dereferences symbolic links by defaultGHSA-3wp6-j8xr-qw85 published
Oct 18, 2022 by ttaylorrModerate -
Bypass of safe.directory protectionsGHSA-j342-m5hw-rr3v published
Jul 12, 2022 by dschoModerate -
malicious repositories can execute remote code while cloningGHSA-8prw-h3cq-mghm published
Mar 9, 2021 by dschoHigh