Git Large File Storage Remote Code Execution Vulnerability on Windows systems (CVE-2020-27955)

Overview Git is a free and open-source distributed version control system designed to handle everything from small to very large projects with speed and efficiency. A critical vulnerability was reported in the Git framework in Git Large File Storage (LFS). With this vulnerability, Windows-system victims are tricked into cloning the attacker’s malicious repository using a … Continue reading “Git Large File Storage Remote Code Execution Vulnerability on Windows systems (CVE-2020-27955)”

Git RCE Vulnerability : CVE-2018-11235

A remote code execution in Git has been discovered. CVE-2018-11235 has been assigned to track this vulnerability. Git 2.17.1 and Git for Windows 2.17.1 (2) address this vulnerability. Vulnerability submodule “names” from .gitmodule files are appended to $GIT_DIR/modules for on-disk repository paths. When we git clone a repository not all configuration files and hooks are received from … Continue reading “Git RCE Vulnerability : CVE-2018-11235”