Vulnerabilities > GIT SCM > GIT > 2.10.0

DATE CVE VULNERABILITY TITLE RISK
2017-10-05 CVE-2017-1000117 Open Redirect vulnerability in Git-Scm GIT
A malicious third-party can give a crafted "ssh://..." URL to an unsuspecting victim, and an attempt to visit the URL can result in any program that exists on the victim's machine being executed.
network
low complexity
git-scm CWE-601
8.8
8.8
2017-09-29 CVE-2017-14867 OS Command Injection vulnerability in multiple products
Git before 2.10.5, 2.11.x before 2.11.4, 2.12.x before 2.12.5, 2.13.x before 2.13.6, and 2.14.x before 2.14.2 uses unsafe Perl scripts to support subcommands such as cvsserver, which allows attackers to execute arbitrary OS commands via shell metacharacters in a module name.
network
low complexity
git-scm debian CWE-78
8.8
8.8