| 2023-04-25 | CVE-2023-29007 | Injection vulnerability in multiple products
Git is a revision control system. | 7.8 |
| 2023-04-25 | CVE-2023-25652 | Path Traversal vulnerability in multiple products
Git is a revision control system. | 7.5 |
| 2023-02-14 | CVE-2023-23946 | Path Traversal vulnerability in Git-Scm GIT
Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. | 7.5 |
| 2023-01-17 | CVE-2022-41953 | Untrusted Search Path vulnerability in Git-Scm GIT
Git GUI is a convenient graphical tool that comes with Git for Windows. | 7.8 |
| 2022-10-19 | CVE-2022-39260 | Heap-based Buffer Overflow vulnerability in multiple products
Git is an open source, scalable, distributed revision control system. | 8.8 |
| 2022-07-12 | CVE-2022-29187 | Improper Ownership Management vulnerability in multiple products
Git is a distributed revision control system. | 7.8 |
| 2022-04-12 | CVE-2022-24765 | Uncontrolled Search Path Element vulnerability in multiple products
Git for Windows is a fork of Git containing Windows-specific patches. | 7.8 |
| 2022-02-11 | CVE-2022-24975 | Exposure of Resource to Wrong Sphere vulnerability in Git-Scm GIT
The --mirror documentation for Git through 2.35.1 does not mention the availability of deleted content, aka the "GitBleed" issue. | 7.5 |
| 2021-08-31 | CVE-2021-40330 | git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring. | 7.5 |
| 2021-03-09 | CVE-2021-21300 | Link Following vulnerability in multiple products
Git is an open-source distributed revision control system. | 7.5 |