Vulnerability Manager Plus

(RHSA-2018:3408) git security update git-email-1.8.3.1-20.el7.noarch.rpm

Risk Information

Base Score

9.8

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

No records found

CVE Information

Source CVE
CVE-2018-17456

Associated CVE
CVE-2018-17456

Patch Details

No records found

References

http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.html
http://www.securityfocus.com/bid/105523
http://www.securityfocus.com/bid/107511
http://www.securitytracker.com/id/1041811
https://access.redhat.com/errata/RHSA-2018:3408
https://access.redhat.com/errata/RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2018:3541
https://github.com/git/git/commit/1a7fd1fb2998002da6e9ff2ee46e1bdd25ee8404
https://github.com/git/git/commit/a124133e1e6ab5c7a9fef6d0e6bcb084e3455b46
https://marc.info/?l=git&m=153875888916397&w=2
https://seclists.org/bugtraq/2019/Mar/30
https://usn.ubuntu.com/3791-1/
https://www.debian.org/security/2018/dsa-4311
https://www.exploit-db.com/exploits/45548/
https://www.exploit-db.com/exploits/45631/
https://www.openwall.com/lists/oss-security/2018/10/06/3