Git LFS 2.12.0 allows Remote Code Execution.
oryginał ENCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HGit Large File Storage Project Git Large File Storage
APPGit Large File Storage Project2.12.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCE
CWE
Referencje
Powiązane podatności
CVE-2022-24826CRITICAL9.8ten sam produkt
On Windows, if Git LFS operates on a malicious repository with a `..exe` file as well as a file named `git.exe...
CVE-2021-21237HIGH7.2ten sam produkt
Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a ma...
CVE-2017-17831HIGH8.8ten sam produkt
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initi...