CVE-2018-1000021

Published: 2/9/2018 Last updated: 8/5/2024 Reserved: 1/29/2018

GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-git

Products affected (1)

Product	Vendor	Version
n/a	n/a	10 Version 1803 for ARM64-based Systems

References (2)

http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html
http://www.batterystapl.es/2018/01/security-implications-of-ansi-escape.html