Unrated severityNVD Advisory· Published Feb 10, 2010· Updated Apr 29, 2026

CVE-2010-0394

Description

PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on Debian GNU/Linux, when enabled in Trac, allows remote attackers to execute arbitrary commands via shell metacharacters in a crafted HTTP query that is used to generate a certain git command.

Affected products

Nanosleep/Trac Git
cpe:2.3:a:nanosleep:trac-git:*:*:*:*:*:*:*:*
Range: <=0.0.20080710

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/38325nvdVendor Advisory
bugs.debian.org/cgi-bin/bugreport.cginvd
osvdb.org/62147nvd
www.debian.org/security/2010/dsa-1990nvd
www.securityfocus.com/bid/38076nvd
exchange.xforce.ibmcloud.com/vulnerabilities/56105nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000