| 2022-02-11 | CVE-2022-24975 | Exposure of Resource to Wrong Sphere vulnerability in Git-Scm GIT
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. | 7.5 |
| 2021-08-31 | CVE-2021-40330 | git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. | 7.5 |
| 2021-03-09 | CVE-2021-21300 | Git is an open-source distributed revision control system. | 7.5 |
| 2020-04-21 | CVE-2020-11008 | Insufficiently Protected Credentials vulnerability in multiple products
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. | 7.5 |
| 2020-04-14 | CVE-2020-5260 | Insufficiently Protected Credentials vulnerability in multiple products
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. | 7.5 |
| 2020-01-24 | CVE-2019-1353 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. | 9.8 |
| 2020-01-24 | CVE-2019-1348 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. | 3.3 |
| 2019-12-18 | CVE-2019-1387 | Unspecified vulnerability in Git-Scm GIT
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. | 8.8 |