FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-18 08:06:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3445e4b6-d2b8-11ef-9ff3-43c2b5d6c4c8	git -- multiple vulnerabilities Git development team reports: CVE-2024-50349: Printing unsanitized URLs when asking for credentials made the user susceptible to crafted URLs (e.g. in recursive clones) that mislead the user into typing in passwords for trusted sites that would then be sent to untrusted sites instead. CVE-2024-52006: Git may pass on Carriage Returns via the credential protocol to credential helpers which use line-reading functions that interpret said Carriage Returns as line endings, even though Git did not intend that. Discovery 2024-10-29 Entry 2025-01-14 git git-cvs git-gui git-p4 git-svn < 2.48.1 CVE-2024-50349 https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr CVE-2024-52006 https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp

VuXML ID

Description

3445e4b6-d2b8-11ef-9ff3-43c2b5d6c4c8

git -- multiple vulnerabilities

Git development team reports:

CVE-2024-50349: Printing unsanitized URLs when asking for credentials made the user susceptible to crafted URLs (e.g. in recursive clones) that mislead the user into typing in passwords for trusted sites that would then be sent to untrusted sites instead.

CVE-2024-52006: Git may pass on Carriage Returns via the credential protocol to credential helpers which use line-reading functions that interpret said Carriage Returns as line endings, even though Git did not intend that.

Discovery 2024-10-29
Entry 2025-01-14
git
git-cvs
git-gui
git-p4
git-svn

< 2.48.1

CVE-2024-50349
https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr
CVE-2024-52006
https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp