CVE-2018-1000021

ADVISORY - nist

Summary

GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

EPSS Score⁠: 0.00073 (0.327)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-20⁠

Improper Input Validation

ADVISORY - redhat

CWE-78⁠

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Impacted images

Advisories

NIST

CREATED

7 years ago

UPDATED

3 days ago

ADVISORY IDCVE-2018-1000021⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

5medium

Debian

CREATED

7 years ago

UPDATED

4 days ago

ADVISORY IDCVE-2018-1000021⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

7 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2018-1000021⁠

EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

8.8low

Red Hat

CREATED

7 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2018-1000021⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

5medium