Thread Rating:
- 0 Vote(s) - 0 Average
- 1
- 2
- 3
- 4
- 5
Share Post:
"git clone" Hit By Vulnerability That Could Lead To Code Execution
|
Posts: 1,273
Threads: 303
Thanks Received: 2,118 in 980 posts
Thanks Given: 1,279
Joined: Jan 2018
Reputation:
55
Quote:
Disclosed today is CVE-2021-21300 as a security vulnerability affecting git clone that could lead to specially crafted repositories being able to execute code during the Git clone process.
Git versions back to v2.15 are affected by this security vulnerability. Specially crafted repositories could execute code during the git clone process on case-insensitive file-systems supporting symbolic links. The vulnerability stems from clean/smudge filters being abused like those used by Git LFS.
Users are encouraged to upgrade to Git 2.30.2 as soon as possible or at the very least to disable support for symbolic links in Git or by disabling support for process filters. Or just don't go cloning from untrusted repositories.
More details on this Git clone vulnerability can be found via the [color=var(--theme-link_a)]GitHub blog although GitHub-hosted repositories are not affected by this vulnerability.[/color]
Source
|
Messages In This Thread |
"git clone" Hit By Vulnerability That Could Lead To Code Execution - by Bjyda - 03-11-2021 , 10:30 PM
|
Possibly Related Threads… |
Thread |
Author |
Replies |
Views |
Last Post |
|
Vulnerabilities in WatchGuard, Panda Security Products Lead to Code Execution |
mrtrout |
0 |
585 |
02-04-2024 , 06:49 AM
Last Post: mrtrout
|
|
McAfee researchers find you can clone a voice from just three seconds of audio |
mrtrout |
0 |
1,355 |
06-11-2023 , 12:11 AM
Last Post: mrtrout
|
|
PyPI removes 'mitmproxy2' over code execution concerns |
mrtrout |
0 |
627 |
10-12-2021 , 10:43 PM
Last Post: mrtrout
|
|
Adobe Patches Code Execution Flaws in Connect, Creative Cloud, Framemaker |
Bjyda |
0 |
1,082 |
03-10-2021 , 12:14 AM
Last Post: Bjyda
|
|
VMware addresses Remote Code Execution issue in View Planner |
Bjyda |
0 |
1,173 |
03-05-2021 , 12:16 AM
Last Post: Bjyda
|
Users browsing this thread: 1 Guest(s)