pkg:Bitnami/git

共 13 筆 CVECRITICAL2HIGH7MEDIUM2LOW1

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.0CVE-2025-48384⚠ KEVGit allows arbitrary code execution through broken config quoting
    from 0, < 2.50.1
  • CRITICAL9.8CVE-2022-25648Command Injection
    from 0, < 1.11.0
  • CRITICAL9.0CVE-2024-32002Git's recursive clones on case-insensitive filesystems that support symlinks are susceptible to Remote Code Execution
    from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
  • HIGH8.8CVE-2024-52005The sideband payload is passed unfiltered to the terminal in git
    from 0, < 2.40.5, >= 2.41.0, < 2.41.4, >= 2.42.0, < 2.42.5, >= 2.43.0, < 2.43.7, >= 2.44.0, < 2.44.4, >= 2.45.0, < 2.45.4, >= 2.46.0, < 2.46.4, >= 2.47.0, < 2.47.2, >= 2.48.0, < 2.48.2
  • HIGH7.8CVE-2024-32465Git's protections for cloning untrusted repositories can be bypassed
    from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
  • HIGH7.8CVE-2024-32004Git vulnerable to Remote Code Execution while cloning special-crafted local repositories
    from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
  • HIGH7.5CVE-2024-52006Newline confusion in credential helpers can lead to credential exfiltration in git
    from 0, < 2.40.4, >= 2.41.0, < 2.41.3, >= 2.42.0, < 2.42.4, >= 2.43.0, < 2.43.6, >= 2.44.0, < 2.44.3, >= 2.45.0, < 2.45.3, >= 2.46.0, < 2.46.3, >= 2.47.0, < 2.47.2, >= 2.48.0, < 2.48.1
  • HIGH7.5CVE-2020-5260malicious URLs may cause Git to present stored credentials to the wrong server
    from 0, < 2.17.4, >= 2.22.0, < 2.22.3
  • HIGH7.1CVE-2024-32021Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory
    from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
  • MEDIUM6.3CVE-2025-48386Git allows a buffer overflow in 'wincred' credential helper
    from 0, < 2.50.1
  • MEDIUM4.7CVE-2024-50349Git does not sanitize URLs when asking for credentials interactively
    from 0, < 2.40.4, >= 2.41.0, < 2.41.3, >= 2.42.0, < 2.42.4, >= 2.43.0, < 2.43.6, >= 2.44.0, < 2.44.3, >= 2.45.0, < 2.45.3, >= 2.46.0, < 2.46.3, >= 2.47.0, < 2.47.2, >= 2.48.0, < 2.48.1
  • LOW3.3CVE-2024-32020Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will
    from 0, < 2.39.4, >= 2.40.0, < 2.40.2, >= 2.41.0, < 2.41.1, >= 2.42.0, < 2.42.2, >= 2.43.0, < 2.43.4, >= 2.44.0, < 2.44.1, >= 2.45.0, < 2.45.1
  • CVE-2025-48385Git alllows arbitrary file writes via bundle-uri parameter injection
    from 0, < 2.50.1