CVE-2018-11235: In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a…

high7.8CVSS 3.0

AVLACLPRNUIRSUCHIHAH

EXPLOIT

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server.

Affected

26 ranges· showing 25

Vendor	Product	Version range	Fixed in
apple	xcode	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	debian_linux	—	—
debian	git	< git 1:2.17.1-1 (bookworm)	git 1:2.17.1-1 (bookworm)
git-scm	git	<= 2.13.6	—
git-scm	git	—	—
git-scm	git	2.14.0 – 2.14.3	—
git-scm	git	2.15.0 – 2.15.1	—
git-scm	git	2.16.0 – 2.16.3	—
git	git	>= 0 < 1:2.17.1-1	1:2.17.1-1
git	git	>= 0 < 1:2.17.1-1	1:2.17.1-1
git	git	>= 0 < 1:2.17.1-1	1:2.17.1-1
git	git	>= 0 < 1:2.17.1-1	1:2.17.1-1
git	git	>= 0 < 1:1.9.1-1ubuntu0.8	1:1.9.1-1ubuntu0.8
git	git	>= 0 < 1:2.7.4-0ubuntu1.4	1:2.7.4-0ubuntu1.4
git	git	>= 0 < 1:2.17.1-1ubuntu0.1	1:2.17.1-1ubuntu0.1
gitforwindows	git	<= 2.17.1	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux_desktop	—	—
redhat	enterprise_linux_server	—	—
redhat	enterprise_linux_server_eus	—	—

CVSS provenance

nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

osv7.8HIGH