Lucene search
GoogleOSV:CVE-2021-29468HistoryApr 29, 2021 - 9:15 p.m.
CVE-2021-29468
2021-04-2921:15:08
Google
osv.dev
12
cygwin
git
vulnerability
symbolic links
backslash characters
repository
cygwin git v2.31.1-2
upstream sources
manual patch
visual studio
Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone or pull from repositories from untrusted sources. CVE-2019-1354 was an equivalent vulnerability in Git for Visual Studio.
Related
nessus
nessus
EulerOS 2.0 SP10 : git (EulerOS-SA-2022-1520)
2022-04-21 00:00:00
EulerOS 2.0 SP10 : git (EulerOS-SA-2022-1519)
2022-04-20 00:00:00
Security Updates for Microsoft Visual Studio Products (December 2019)
2019-12-10 00:00:00
nvd
nvd
openvas
openvas
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2022-1520)
2022-04-20 00:00:00
Huawei EulerOS: Security Advisory for git (EulerOS-SA-2022-1519)
2022-04-20 00:00:00
Fedora Update for libgit2 FEDORA-2019-9c3d054f39
2020-01-09 00:00:00
prion
prion
Code injection
2021-04-29 21:15:00
Remote code execution
2020-01-24 21:15:00
Remote code execution
2020-01-24 21:15:00
cve
cve
alpinelinux
alpinelinux
cvelist
cvelist
CVE-2021-29468 Arbitrary code execution when checking out an attacker-controlled Git branch
2021-04-29 20:35:20
CVE-2019-1352
2020-01-24 20:50:26
CVE-2019-1349
2020-01-24 20:50:25
veracode
veracode
Remote Code Execution (RCE)
2020-05-10 23:22:09
symantec
symantec
mscve
mscve
Git for Visual Studio Remote Code Execution Vulnerability
2019-12-10 08:00:00
ibm
ibm
rosalinux
rosalinux
Advisory ROSA-SA-2021-1843
2021-07-02 16:45:45
osv
osv
ubuntucve
ubuntucve
debiancve
debiancve
redhatcve
redhatcve
kaspersky
kaspersky
KLA11618 Multiple vulnerabilities in Microsoft Developer Tools
2019-12-10 00:00:00
oraclelinux
oraclelinux
git security update
2019-12-19 00:00:00
qualysblog
qualysblog
fedora
fedora
[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31
2019-12-17 01:46:03
[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31
2019-12-18 01:56:26
[SECURITY] Fedora 30 Update: git-2.21.1-1.fc30
2020-01-04 22:16:13
amazon
amazon
altlinux
altlinux
Security fix for the ALT Linux 8 package git version 2.24.1-alt1
2019-12-12 00:00:00
Security fix for the ALT Linux 10 package git version 2.24.1-alt1
2019-12-08 00:00:00
ubuntu
ubuntu
Git vulnerabilities
2019-12-10 00:00:00
gentoo
gentoo
Git: Multiple vulnerabilities
2020-03-15 00:00:00
cloudfoundry
cloudfoundry
USN-4220-1: Git vulnerabilities | Cloud Foundry
2019-12-18 00:00:00
suse
suse
Security update for git (important)
2020-01-29 00:00:00
Security update for git (moderate)
2020-05-02 00:00:00
threatpost
threatpost
Microsoft Zaps Actively Exploited Zero-Day Bug
2019-12-10 21:21:24