CVE-2018-1000021

ADVISORY - nist

Summary

GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

EPSS Score⁠: 0.00073 (0.327)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-20⁠

Improper Input Validation

ADVISORY - redhat

CWE-78⁠

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.