Lucene search
Cloud FoundryCFOUNDRY:1DC7CA32CD3EC1412E019AEE4D84D3DFHistoryNov 28, 2018 - 12:00 a.m.
USN-3829-1: Git vulnerabilities | Cloud Foundry
2018-11-2800:00:00
Cloud Foundry
www.cloudfoundry.org
44
0.024 Low
EPSS
Percentile
90.0%
Severity
Medium
Vendor
Canonical Ubuntu
Versions Affected
- Canonical Ubuntu 14.04
- Canonical Ubuntu 18.04
Description
It was discovered that Git incorrectly handled layers of tree objects. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-15298)
It was discovered that Git incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-19486)
CVEs contained in this USN include: CVE-2017-15298, CVE-2018-19486
Affected Cloud Foundry Products and Versions
Severity is medium unless otherwise noted.
- All versions of Cloud Foundry cflinuxfs2 prior to 1.251.0
- All versions of Cloud Foundry cflinuxfs3 prior to 0.42.0
Mitigation
Users of affected products are strongly encouraged to follow one of the mitigations below:
- The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 version 1.251.0 or later.
- The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs3 version 0.42.0 or later.
References
Related
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Git vulnerabilities (USN-3829-1)
2018-11-28 00:00:00
Amazon Linux AMI : git (ALAS-2018-1136)
2018-12-21 00:00:00
SUSE SLED15 / SLES15 Security Update : git (SUSE-SU-2018:4190-1)
2019-01-02 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3829-1)
2018-11-28 00:00:00
openSUSE: Security Advisory for git (openSUSE-SU-2018:4257-1)
2018-12-23 00:00:00
Fedora Update for git FEDORA-2017-742be0e59c
2017-12-04 00:00:00
ubuntu
ubuntu
Git vulnerabilities
2018-11-27 00:00:00
fedora
fedora
[SECURITY] Fedora 25 Update: git-2.9.5-3.fc25
2017-12-09 04:58:39
[SECURITY] Fedora 26 Update: git-2.13.6-2.fc26
2017-11-28 16:30:22
[SECURITY] Fedora 29 Update: git-2.19.2-1.fc29
2018-11-28 02:43:58
prion
prion
Code injection
2017-10-14 22:29:00
Design/Logic Flaw
2018-11-23 08:29:00
gentoo
gentoo
Git: Multiple vulnerabilities
2019-04-11 00:00:00
amazon
amazon
cve
cve
CVE-2018-19486
2018-11-23 08:29:00
CVE-2017-15298
2017-10-14 22:29:00
mageia
mageia
Updated git packages fix security vulnerability
2019-06-21 04:07:01
Updated git packages fix security vulnerability
2017-12-02 02:13:21
nvd
nvd
CVE-2018-19486
2018-11-23 08:29:00
CVE-2017-15298
2017-10-14 22:29:00
ubuntucve
ubuntucve
CVE-2018-19486
2018-11-23 00:00:00
CVE-2017-15298
2017-10-14 00:00:00
suse
suse
Security update for git (moderate)
2018-12-23 00:11:07
Security update for git (moderate)
2020-05-02 00:00:00
osv
osv
CVE-2018-19486
2018-11-23 08:29:00
CVE-2017-15298
2017-10-14 22:29:00
debiancve
debiancve
CVE-2017-15298
2017-10-14 22:29:00
CVE-2018-19486
2018-11-23 08:29:00
cvelist
cvelist
CVE-2017-15298
2017-10-14 19:00:00
CVE-2018-19486
2018-11-23 08:00:00
alpinelinux
alpinelinux
CVE-2018-19486
2018-11-23 08:29:00
redhat
redhat
(RHSA-2018:3800) Important: rh-git218-git security update
2018-12-10 07:48:01
redhatcve
redhatcve
CVE-2018-19486
2018-11-26 04:49:08
CVE-2017-15298
2017-11-07 13:19:26
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0185
2019-11-01 00:00:00
Critical Photon OS Security Update - PHSA-2019-0185
2019-11-01 00:00:00
Critical Photon OS Security Update - PHSA-2019-0036
2019-10-23 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1843
2021-07-02 16:45:45
kitploit
kitploit