Msrc Cbl2 Git 2.33.8-2 On Cbl Mariner 2.0 vulnerabilities

CVE-2024-32465 [HIGH] CWE-22 Git's protections for cloning untrusted repositories can be bypassed Git's protections for cloning untrusted repositories can be bypassed FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open sour

CVE-2024-32020 [LOW] CWE-281 Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will Cloning local Git repository by untrusted user allows the untrusted user to modify objects in the cloned repository at will FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux

CVE-2024-32021 [LOW] CWE-547 Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory Local Git clone may hardlink arbitrary user-readable files into the new repository's "objects/" directory FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it

CVE-2022-41903 [CRITICAL] CWE-190 Integer overflow in `git archive` `git log --format` leading to RCE in git Integer overflow in `git archive` `git log --format` leading to RCE in git FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions

CVE-2022-41953 [HIGH] CWE-426 Git clone remote code execution vulnerability in git-for-windows Git clone remote code execution vulnerability in git-for-windows FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libr