rpm package
suse/git&distro=SUSE Linux Enterprise Module for Basesystem 15 SP2
pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-40330 | — | < 2.26.2-33.1 | 2.26.2-33.1 | Aug 31, 2021 | git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. | ||
| CVE-2021-21300 | — | < 2.26.2-3.31.1 | 2.26.2-3.31.1 | Mar 9, 2021 | Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a c |
- CVE-2021-40330Aug 31, 2021affected < 2.26.2-33.1fixed 2.26.2-33.1
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
- CVE-2021-21300Mar 9, 2021affected < 2.26.2-3.31.1fixed 2.26.2-3.31.1
Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains symbolic links as well as files using a clean/smudge filter such as Git LFS, may cause just-checked out script to be executed while cloning onto a c