vulnerability

Oracle Solaris 11: CVE-2018-17456: Vulnerability in Git

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Oct 6, 2018	Nov 19, 2018	Feb 17, 2022

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Oct 6, 2018

Added

Nov 19, 2018

Modified

Feb 17, 2022

Description

Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x before 2.17.2, 2.18.x before 2.18.1, and 2.19.x before 2.19.1 allows remote code execution during processing of a recursive "git clone" of a superproject if a .gitmodules file has a URL field beginning with a '-' character.

Solutions

oracle-solaris-11-3-upgrade-developer-versioning-git-2-19-2-0-175-3-36-0-11-0oracle-solaris-11-4-upgrade-developer-versioning-git-2-15-3-11-4-3-0-1-4-0

References

BID-105523
BID-107511
CVE-2018-17456
https://attackerkb.com/topics/CVE-2018-17456
DEBIAN-DSA-4311
REDHAT-RHSA-2018:3408
REDHAT-RHSA-2018:3505
REDHAT-RHSA-2018:3541
REDHAT-RHSA-2020:0316
URL-https://support.oracle.com/epmos/faces/DocumentDisplay?id=1448883.1&displayIndex=1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today