Vulnerabilities > CVE-2022-24975 - Exposure of Resource to Wrong Sphere vulnerability in Git-Scm GIT

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
git-scm
CWE-668
NVD
Published: 2022-02-11
Updated: 2022-02-22

Summary

The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. This could present a security risk if information-disclosure auditing processes rely on a clone operation without the --mirror option.

Vulnerable Configurations

Part Description Count
Application
Git-Scm
864

Common Weakness Enumeration (CWE)

References