rpm package
suse/git&distro=SUSE Linux Enterprise Server 12
pkg:rpm/suse/git&distro=SUSE%20Linux%20Enterprise%20Server%2012
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-7545 | Cri | 9.8 | < 1.8.5.6-15.1 | 1.8.5.6-15.1 | Apr 13, 2016 | The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in | |
| CVE-2016-2324 | Cri | 9.8 | < 1.8.5.6-18.1 | 1.8.5.6-18.1 | Apr 8, 2016 | Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow. | |
| CVE-2016-2315 | Cri | 9.8 | < 1.8.5.6-18.1 | 1.8.5.6-18.1 | Apr 8, 2016 | revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow. |
- affected < 1.8.5.6-15.1fixed 1.8.5.6-15.1
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed protocols, which might allow remote attackers to execute arbitrary code via a URL in
- affected < 1.8.5.6-18.1fixed 1.8.5.6-18.1
Integer overflow in Git before 2.7.4 allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, which triggers a heap-based buffer overflow.
- affected < 1.8.5.6-18.1fixed 1.8.5.6-18.1
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.