Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GO-2021-0073
HistoryApr 14, 2021 - 8:04 p.m.

Arbitrary command execution in github.com/git-lfs/git-lfs

2021-04-1420:04:52
Google
osv.dev
17
arbitrary command execution
ssh urls
lfs configuration
malicious repository
security vulnerability

AI Score

8.7

Confidence

High

EPSS

0.005

Percentile

76.3%

JSON

Arbitrary command execution can be triggered by improperly sanitized SSH URLs in LFS configuration files. This can be triggered by cloning a malicious repository.

Related

veracode 1
nvd 1
debiancve 1
cvelist 1
github 1
cve 1
osv 2
prion 1
ubuntucve 1
nessus 1
atlassian 2
veracode
veracode
Remote Command Execution (RCE)
2017-12-22 02:56:22
nvd
nvd
CVE-2017-17831
2017-12-21 06:29:00
debiancve
debiancve
CVE-2017-17831
2017-12-21 06:29:00
cvelist
cvelist
CVE-2017-17831
2017-12-21 06:00:00
github
github
GitHub Git LFS Arbitrary command execution vulnerability
2022-05-14 00:55:16
cve
cve
CVE-2017-17831
2017-12-21 06:29:00
osv
osv
GitHub Git LFS Arbitrary command execution vulnerability
2022-05-14 00:55:16
CVE-2017-17831
2017-12-21 06:29:00
prion
prion
Arbitrary file deletion
2017-12-21 06:29:00
ubuntucve
ubuntucve
CVE-2017-17831
2017-12-21 00:00:00
nessus
nessus
Atlassian SourceTree 0.5.1.0 < 2.4.7.0 Multiple Vulnerabilities
2018-02-16 00:00:00
atlassian
atlassian
Git LFS: Arbitrary command execution in repositories with Git LFS enabled - CVE-2017-17831
2017-12-21 05:04:52
Git LFS: Arbitrary command execution in repositories with Git LFS enabled - CVE-2017-17831
2017-12-21 05:04:52

AI Score

8.7

Confidence

High

EPSS

0.005

Percentile

76.3%

JSON
Related for OSV:GO-2021-0073
veracode1nvd1debiancve1cvelist1github1cve1osv2prion1ubuntucve1nessus1atlassian2