rpm package
opensuse/git&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/git&distro=openSUSE%20Leap%2015.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-40330 | — | < 2.26.2-lp152.2.12.1 | 2.26.2-lp152.2.12.1 | Aug 31, 2021 | git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. | ||
| CVE-2021-21300 | — | < 2.26.2-lp152.2.6.1 | 2.26.2-lp152.2.6.1 | Mar 9, 2021 | Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a c |
- CVE-2021-40330Aug 31, 2021affected < 2.26.2-lp152.2.12.1fixed 2.26.2-lp152.2.12.1
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
- CVE-2021-21300Mar 9, 2021affected < 2.26.2-lp152.2.6.1fixed 2.26.2-lp152.2.6.1
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a c