Vulnerabilities > GIT > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-14 CVE-2020-5260 Insufficiently Protected Credentials vulnerability in multiple products
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker.
7.5
2017-06-01 CVE-2017-8386 git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character.
network
low complexity
git opensuse debian canonical fedoraproject
8.8
2008-08-07 CVE-2008-3546 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GIT
Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.
network
low complexity
linux git CWE-119
7.5
2006-01-31 CVE-2006-0477 Remote Buffer Overflow vulnerability in GIT
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.
network
low complexity
git
7.5