rpm package
suse/git&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5
pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5
Vulnerabilities (6)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-32465 | — | < 2.35.3-150300.10.39.1 | 2.35.3-150300.10.39.1 | May 14, 2024 | Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repo | ||
| CVE-2024-32021 | — | < 2.35.3-150300.10.39.1 | 2.35.3-150300.10.39.1 | May 14, 2024 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as th | ||
| CVE-2024-32020 | — | < 2.35.3-150300.10.39.1 | 2.35.3-150300.10.39.1 | May 14, 2024 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source reposito | ||
| CVE-2024-32004 | — | < 2.35.3-150300.10.39.1 | 2.35.3-150300.10.39.1 | May 14, 2024 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2 | ||
| CVE-2024-32002 | — | < 2.35.3-150300.10.39.1 | 2.35.3-150300.10.39.1 | May 14, 2024 | Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a | ||
| CVE-2024-24577 | — | < 2.35.3-150300.10.42.1 | 2.35.3-150300.10.42.1 | Feb 6, 2024 | libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary |
- CVE-2024-32465May 14, 2024affected < 2.35.3-150300.10.39.1fixed 2.35.3-150300.10.39.1
Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repo
- CVE-2024-32021May 14, 2024affected < 2.35.3-150300.10.39.1fixed 2.35.3-150300.10.39.1
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, when cloning a local source repository that contains symlinks via the filesystem, Git may create hardlinks to arbitrary user-readable files on the same filesystem as th
- CVE-2024-32020May 14, 2024affected < 2.35.3-150300.10.39.1fixed 2.35.3-150300.10.39.1
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, local clones may end up hardlinking files into the target repository's object database when source and target repository reside on the same disk. If the source reposito
- CVE-2024-32004May 14, 2024affected < 2.35.3-150300.10.39.1fixed 2.35.3-150300.10.39.1
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2
- CVE-2024-32002May 14, 2024affected < 2.35.3-150300.10.39.1fixed 2.35.3-150300.10.39.1
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a
- CVE-2024-24577Feb 6, 2024affected < 2.35.3-150300.10.42.1fixed 2.35.3-150300.10.42.1
libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to `git_index_add` can cause heap corruption that could be leveraged for arbitrary