CVE-2015-8968.yml
---
gem: git-fastclone
cve: 2015-8968
ghsa: 8gg6-3r63-25m8
url: https://hackerone.com/reports/104465
title: git-fastclone permits arbitrary shell command execution from .gitmodules
date: 2015-12-11
description: |
  Git allows executing arbitrary shell commands using git-remote-ext via
  remote URLs. Normally git never requests URLs that the user doesn't
  specifically request, so this is not a serious security concern. However,
  submodules did allow the remote repository to specify what URL to clone
  from.

  If an attacker can instruct a user to run a recursive clone from a
  repository they control, they can get a client to run an arbitrary shell
  command. Alternately, if an attacker can MITM an unencrypted git clone,
  they could exploit this. The ext command will be run if the repository is
  recursively cloned or if submodules are updated. This attack works when
  cloning both local and remote repositories.
cvss_v3: 8.8
patched_versions:
- ">= 1.0.1"