Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
Typedeb
Namespacedebian
Namegit
Version1:2.11.0-3+deb9u7
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1:2.39.5-0+deb12u3
Latest_non_vulnerable_version1:2.39.5-0+deb12u3
Affected_by_vulnerabilities
0
url VCID-14ws-nfew-syac
vulnerability_id VCID-14ws-nfew-syac
summary git: unexpected cross-protocol requests via a repository path containing a newline character
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40330.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40330.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40330
reference_id
reference_type
scores
0
value 0.00447
scoring_system epss
scoring_elements 0.63431
published_at 2026-04-01T12:55:00Z
1
value 0.00447
scoring_system epss
scoring_elements 0.6349
published_at 2026-04-02T12:55:00Z
2
value 0.00447
scoring_system epss
scoring_elements 0.63517
published_at 2026-04-04T12:55:00Z
3
value 0.00447
scoring_system epss
scoring_elements 0.63481
published_at 2026-04-07T12:55:00Z
4
value 0.00447
scoring_system epss
scoring_elements 0.63532
published_at 2026-04-08T12:55:00Z
5
value 0.00447
scoring_system epss
scoring_elements 0.6355
published_at 2026-04-12T12:55:00Z
6
value 0.00447
scoring_system epss
scoring_elements 0.63566
published_at 2026-04-11T12:55:00Z
7
value 0.00447
scoring_system epss
scoring_elements 0.63516
published_at 2026-04-13T12:55:00Z
8
value 0.00447
scoring_system epss
scoring_elements 0.63553
published_at 2026-04-16T12:55:00Z
9
value 0.00447
scoring_system epss
scoring_elements 0.6356
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40330
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40330
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1999755
reference_id 1999755
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1999755
5
reference_url https://usn.ubuntu.com/5076-1/
reference_id USN-5076-1
reference_type
scores
url https://usn.ubuntu.com/5076-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2021-40330
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-14ws-nfew-syac
1
url VCID-1p7p-zdcs-xugj
vulnerability_id VCID-1p7p-zdcs-xugj
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1353.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1353.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1353
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.40472
published_at 2026-04-01T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40552
published_at 2026-04-02T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40579
published_at 2026-04-04T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40501
published_at 2026-04-07T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40551
published_at 2026-04-08T12:55:00Z
5
value 0.00187
scoring_system epss
scoring_elements 0.40562
published_at 2026-04-09T12:55:00Z
6
value 0.00187
scoring_system epss
scoring_elements 0.40582
published_at 2026-04-11T12:55:00Z
7
value 0.00187
scoring_system epss
scoring_elements 0.40545
published_at 2026-04-12T12:55:00Z
8
value 0.00187
scoring_system epss
scoring_elements 0.40526
published_at 2026-04-13T12:55:00Z
9
value 0.00187
scoring_system epss
scoring_elements 0.40574
published_at 2026-04-16T12:55:00Z
10
value 0.00187
scoring_system epss
scoring_elements 0.40543
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1353
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781966
reference_id 1781966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781966
8
reference_url https://security.archlinux.org/AVG-1074
reference_id AVG-1074
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1074
9
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
10
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
1
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1353
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1p7p-zdcs-xugj
2
url VCID-1zaq-cvdq-8bb6
vulnerability_id VCID-1zaq-cvdq-8bb6
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23946.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23946.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-23946
reference_id
reference_type
scores
0
value 0.01674
scoring_system epss
scoring_elements 0.8218
published_at 2026-04-18T12:55:00Z
1
value 0.01674
scoring_system epss
scoring_elements 0.82148
published_at 2026-04-12T12:55:00Z
2
value 0.01674
scoring_system epss
scoring_elements 0.82142
published_at 2026-04-13T12:55:00Z
3
value 0.01674
scoring_system epss
scoring_elements 0.82179
published_at 2026-04-16T12:55:00Z
4
value 0.01674
scoring_system epss
scoring_elements 0.82103
published_at 2026-04-07T12:55:00Z
5
value 0.01674
scoring_system epss
scoring_elements 0.8213
published_at 2026-04-08T12:55:00Z
6
value 0.01674
scoring_system epss
scoring_elements 0.82137
published_at 2026-04-09T12:55:00Z
7
value 0.01674
scoring_system epss
scoring_elements 0.82157
published_at 2026-04-11T12:55:00Z
8
value 0.03035
scoring_system epss
scoring_elements 0.86612
published_at 2026-04-02T12:55:00Z
9
value 0.03035
scoring_system epss
scoring_elements 0.86632
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-23946
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310
reference_id 1031310
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2168161
reference_id 2168161
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2168161
7
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
url https://security.gentoo.org/glsa/202312-15
8
reference_url https://access.redhat.com/errata/RHSA-2023:3245
reference_id RHSA-2023:3245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3245
9
reference_url https://access.redhat.com/errata/RHSA-2023:3246
reference_id RHSA-2023:3246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3246
10
reference_url https://access.redhat.com/errata/RHSA-2024:0407
reference_id RHSA-2024:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0407
11
reference_url https://usn.ubuntu.com/5871-1/
reference_id USN-5871-1
reference_type
scores
url https://usn.ubuntu.com/5871-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2023-23946
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zaq-cvdq-8bb6
3
url VCID-22kd-bt99-rqb1
vulnerability_id VCID-22kd-bt99-rqb1
summary git: Git does not sanitize URLs when asking for credentials interactively
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50349.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50349.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-50349
reference_id
reference_type
scores
0
value 0.01141
scoring_system epss
scoring_elements 0.78454
published_at 2026-04-18T12:55:00Z
1
value 0.01141
scoring_system epss
scoring_elements 0.78394
published_at 2026-04-07T12:55:00Z
2
value 0.01141
scoring_system epss
scoring_elements 0.78421
published_at 2026-04-08T12:55:00Z
3
value 0.01141
scoring_system epss
scoring_elements 0.78426
published_at 2026-04-09T12:55:00Z
4
value 0.01141
scoring_system epss
scoring_elements 0.78452
published_at 2026-04-11T12:55:00Z
5
value 0.01141
scoring_system epss
scoring_elements 0.78435
published_at 2026-04-12T12:55:00Z
6
value 0.01141
scoring_system epss
scoring_elements 0.78427
published_at 2026-04-13T12:55:00Z
7
value 0.01141
scoring_system epss
scoring_elements 0.78455
published_at 2026-04-16T12:55:00Z
8
value 0.01141
scoring_system epss
scoring_elements 0.7838
published_at 2026-04-02T12:55:00Z
9
value 0.01141
scoring_system epss
scoring_elements 0.78411
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-50349
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042
reference_id 1093042
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2337824
reference_id 2337824
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2337824
6
reference_url https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8
reference_id 7725b8100ffbbff2750ee4d61a0fcc1f53a086e8
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/
url https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8
7
reference_url https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577
reference_id c903985bf7e772e2d08275c1a95c8a55ab011577
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/
url https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577
8
reference_url https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr
reference_id GHSA-hmg8-h7qf-7cxr
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/
url https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr
9
reference_url https://access.redhat.com/errata/RHSA-2025:11462
reference_id RHSA-2025:11462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11462
10
reference_url https://access.redhat.com/errata/RHSA-2025:11533
reference_id RHSA-2025:11533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11533
11
reference_url https://access.redhat.com/errata/RHSA-2025:11534
reference_id RHSA-2025:11534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11534
12
reference_url https://access.redhat.com/errata/RHSA-2025:19601
reference_id RHSA-2025:19601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19601
13
reference_url https://usn.ubuntu.com/7207-1/
reference_id USN-7207-1
reference_type
scores
url https://usn.ubuntu.com/7207-1/
14
reference_url https://usn.ubuntu.com/7207-2/
reference_id USN-7207-2
reference_type
scores
url https://usn.ubuntu.com/7207-2/
15
reference_url https://usn.ubuntu.com/7964-1/
reference_id USN-7964-1
reference_type
scores
url https://usn.ubuntu.com/7964-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2024-50349
risk_score 1.4
exploitability 0.5
weighted_severity 2.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22kd-bt99-rqb1
4
url VCID-2639-78xt-z7d3
vulnerability_id VCID-2639-78xt-z7d3
summary Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-46835
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01077
published_at 2026-04-02T12:55:00Z
1
value 0.0001
scoring_system epss
scoring_elements 0.0108
published_at 2026-04-04T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.01322
published_at 2026-04-16T12:55:00Z
3
value 0.00011
scoring_system epss
scoring_elements 0.01343
published_at 2026-04-07T12:55:00Z
4
value 0.00011
scoring_system epss
scoring_elements 0.01348
published_at 2026-04-09T12:55:00Z
5
value 0.00011
scoring_system epss
scoring_elements 0.01337
published_at 2026-04-18T12:55:00Z
6
value 0.00011
scoring_system epss
scoring_elements 0.01331
published_at 2026-04-12T12:55:00Z
7
value 0.00011
scoring_system epss
scoring_elements 0.01333
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-46835
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
reference_id 1108983
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379326
reference_id 2379326
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379326
6
reference_url https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da
reference_id dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/
url https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da
7
reference_url https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg
reference_id GHSA-xfx7-68v4-v8fg
reference_type
scores
0
value 8.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/
url https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg
8
reference_url https://security.gentoo.org/glsa/202507-09
reference_id GLSA-202507-09
reference_type
scores
url https://security.gentoo.org/glsa/202507-09
9
reference_url https://access.redhat.com/errata/RHSA-2025:11462
reference_id RHSA-2025:11462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11462
10
reference_url https://access.redhat.com/errata/RHSA-2025:11533
reference_id RHSA-2025:11533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11533
11
reference_url https://access.redhat.com/errata/RHSA-2025:11534
reference_id RHSA-2025:11534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11534
12
reference_url https://usn.ubuntu.com/7626-1/
reference_id USN-7626-1
reference_type
scores
url https://usn.ubuntu.com/7626-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2025-46835
risk_score 3.9
exploitability 0.5
weighted_severity 7.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2639-78xt-z7d3
5
url VCID-2nzq-cpwz-8uce
vulnerability_id VCID-2nzq-cpwz-8uce
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19604.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19604.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19604
reference_id
reference_type
scores
0
value 0.01339
scoring_system epss
scoring_elements 0.79955
published_at 2026-04-01T12:55:00Z
1
value 0.01339
scoring_system epss
scoring_elements 0.79962
published_at 2026-04-02T12:55:00Z
2
value 0.01339
scoring_system epss
scoring_elements 0.79984
published_at 2026-04-04T12:55:00Z
3
value 0.01339
scoring_system epss
scoring_elements 0.79973
published_at 2026-04-07T12:55:00Z
4
value 0.01339
scoring_system epss
scoring_elements 0.80001
published_at 2026-04-08T12:55:00Z
5
value 0.01339
scoring_system epss
scoring_elements 0.80009
published_at 2026-04-09T12:55:00Z
6
value 0.01339
scoring_system epss
scoring_elements 0.80029
published_at 2026-04-11T12:55:00Z
7
value 0.01339
scoring_system epss
scoring_elements 0.80013
published_at 2026-04-12T12:55:00Z
8
value 0.01339
scoring_system epss
scoring_elements 0.80005
published_at 2026-04-13T12:55:00Z
9
value 0.01339
scoring_system epss
scoring_elements 0.80034
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19604
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19604
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19604
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781971
reference_id 1781971
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781971
4
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
5
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
6
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
7
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-19604
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nzq-cpwz-8uce
6
url VCID-3917-1uyb-jfe5
vulnerability_id VCID-3917-1uyb-jfe5
summary 
Git contains multiple vulnerabilities that allow for the remote
    execution of arbitrary code.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11235.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11235.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11235
reference_id
reference_type
scores
0
value 0.4172
scoring_system epss
scoring_elements 0.97394
published_at 2026-04-01T12:55:00Z
1
value 0.4172
scoring_system epss
scoring_elements 0.97431
published_at 2026-04-18T12:55:00Z
2
value 0.4172
scoring_system epss
scoring_elements 0.97415
published_at 2026-04-09T12:55:00Z
3
value 0.4172
scoring_system epss
scoring_elements 0.97417
published_at 2026-04-11T12:55:00Z
4
value 0.4172
scoring_system epss
scoring_elements 0.97419
published_at 2026-04-13T12:55:00Z
5
value 0.4172
scoring_system epss
scoring_elements 0.97427
published_at 2026-04-16T12:55:00Z
6
value 0.4172
scoring_system epss
scoring_elements 0.974
published_at 2026-04-02T12:55:00Z
7
value 0.4172
scoring_system epss
scoring_elements 0.97405
published_at 2026-04-04T12:55:00Z
8
value 0.4172
scoring_system epss
scoring_elements 0.97407
published_at 2026-04-07T12:55:00Z
9
value 0.4172
scoring_system epss
scoring_elements 0.97414
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11235
3
reference_url https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/
reference_id
reference_type
scores
url https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://marc.info/?l=git&m=152761328506724&w=2
reference_id
reference_type
scores
url https://marc.info/?l=git&m=152761328506724&w=2
7
reference_url https://www.debian.org/security/2018/dsa-4212
reference_id
reference_type
scores
url https://www.debian.org/security/2018/dsa-4212
8
reference_url https://www.exploit-db.com/exploits/44822/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44822/
9
reference_url http://www.securityfocus.com/bid/104345
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104345
10
reference_url http://www.securitytracker.com/id/1040991
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040991
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1583862
reference_id 1583862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1583862
12
reference_url https://security.archlinux.org/ASA-201806-1
reference_id ASA-201806-1
reference_type
scores
url https://security.archlinux.org/ASA-201806-1
13
reference_url https://security.archlinux.org/AVG-711
reference_id AVG-711
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-711
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11235
reference_id CVE-2018-11235
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-11235
29
reference_url https://security.gentoo.org/glsa/201805-13
reference_id GLSA-201805-13
reference_type
scores
url https://security.gentoo.org/glsa/201805-13
30
reference_url https://access.redhat.com/errata/RHSA-2018:1957
reference_id RHSA-2018:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1957
31
reference_url https://access.redhat.com/errata/RHSA-2018:2147
reference_id RHSA-2018:2147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2147
32
reference_url https://usn.ubuntu.com/3671-1/
reference_id USN-3671-1
reference_type
scores
url https://usn.ubuntu.com/3671-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2018-11235
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3917-1uyb-jfe5
7
url VCID-3bkb-3m1h-m7fw
vulnerability_id VCID-3bkb-3m1h-m7fw
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41903.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41903.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-41903
reference_id
reference_type
scores
0
value 0.22424
scoring_system epss
scoring_elements 0.95846
published_at 2026-04-18T12:55:00Z
1
value 0.22424
scoring_system epss
scoring_elements 0.95824
published_at 2026-04-09T12:55:00Z
2
value 0.22424
scoring_system epss
scoring_elements 0.95828
published_at 2026-04-12T12:55:00Z
3
value 0.22424
scoring_system epss
scoring_elements 0.95829
published_at 2026-04-13T12:55:00Z
4
value 0.22424
scoring_system epss
scoring_elements 0.95841
published_at 2026-04-16T12:55:00Z
5
value 0.25734
scoring_system epss
scoring_elements 0.96216
published_at 2026-04-02T12:55:00Z
6
value 0.25734
scoring_system epss
scoring_elements 0.96223
published_at 2026-04-04T12:55:00Z
7
value 0.25734
scoring_system epss
scoring_elements 0.96237
published_at 2026-04-08T12:55:00Z
8
value 0.25734
scoring_system epss
scoring_elements 0.96228
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-41903
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114
reference_id 1029114
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2162056
reference_id 2162056
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2162056
11
reference_url https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76
reference_id 508386c6c5857b4faa2c3e491f422c98cc69ae76
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/
url https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76
12
reference_url https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst
reference_id Customizing-Git-Git-Attributes#_export_subst
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/
url https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst
13
reference_url https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq
reference_id GHSA-475x-2q3q-hvwq
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/
url https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq
14
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/
url https://security.gentoo.org/glsa/202312-15
15
reference_url https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem
reference_id pretty-formats.txt-emltltNgttruncltruncmtruncem
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/
url https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem
16
reference_url https://access.redhat.com/errata/RHSA-2023:0596
reference_id RHSA-2023:0596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0596
17
reference_url https://access.redhat.com/errata/RHSA-2023:0597
reference_id RHSA-2023:0597
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0597
18
reference_url https://access.redhat.com/errata/RHSA-2023:0599
reference_id RHSA-2023:0599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0599
19
reference_url https://access.redhat.com/errata/RHSA-2023:0609
reference_id RHSA-2023:0609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0609
20
reference_url https://access.redhat.com/errata/RHSA-2023:0610
reference_id RHSA-2023:0610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0610
21
reference_url https://access.redhat.com/errata/RHSA-2023:0611
reference_id RHSA-2023:0611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0611
22
reference_url https://access.redhat.com/errata/RHSA-2023:0627
reference_id RHSA-2023:0627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0627
23
reference_url https://access.redhat.com/errata/RHSA-2023:0628
reference_id RHSA-2023:0628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0628
24
reference_url https://access.redhat.com/errata/RHSA-2023:0978
reference_id RHSA-2023:0978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0978
25
reference_url https://access.redhat.com/errata/RHSA-2023:1677
reference_id RHSA-2023:1677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1677
26
reference_url https://usn.ubuntu.com/5810-1/
reference_id USN-5810-1
reference_type
scores
url https://usn.ubuntu.com/5810-1/
27
reference_url https://usn.ubuntu.com/5810-3/
reference_id USN-5810-3
reference_type
scores
url https://usn.ubuntu.com/5810-3/
28
reference_url https://usn.ubuntu.com/5810-4/
reference_id USN-5810-4
reference_type
scores
url https://usn.ubuntu.com/5810-4/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2022-41903
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3bkb-3m1h-m7fw
8
url VCID-415p-yw6x-mucy
vulnerability_id VCID-415p-yw6x-mucy
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24765.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24765.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24765
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.39122
published_at 2026-04-18T12:55:00Z
1
value 0.00176
scoring_system epss
scoring_elements 0.3915
published_at 2026-04-04T12:55:00Z
2
value 0.00176
scoring_system epss
scoring_elements 0.39128
published_at 2026-04-02T12:55:00Z
3
value 0.00176
scoring_system epss
scoring_elements 0.3907
published_at 2026-04-07T12:55:00Z
4
value 0.00176
scoring_system epss
scoring_elements 0.39152
published_at 2026-04-16T12:55:00Z
5
value 0.00176
scoring_system epss
scoring_elements 0.39097
published_at 2026-04-13T12:55:00Z
6
value 0.00176
scoring_system epss
scoring_elements 0.39116
published_at 2026-04-12T12:55:00Z
7
value 0.00176
scoring_system epss
scoring_elements 0.39153
published_at 2026-04-11T12:55:00Z
8
value 0.00176
scoring_system epss
scoring_elements 0.39125
published_at 2026-04-08T12:55:00Z
9
value 0.00176
scoring_system epss
scoring_elements 0.39141
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24765
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2073414
reference_id 2073414
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2073414
10
reference_url http://seclists.org/fulldisclosure/2022/May/31
reference_id 31
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url http://seclists.org/fulldisclosure/2022/May/31
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
reference_id 5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/
12
reference_url http://www.openwall.com/lists/oss-security/2022/04/12/7
reference_id 7
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url http://www.openwall.com/lists/oss-security/2022/04/12/7
13
reference_url https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
reference_id Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash
14
reference_url https://security.archlinux.org/AVG-2679
reference_id AVG-2679
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2679
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
reference_id BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/
reference_id DDI325LOO2XBDDKLINOAQJEG6MHAURZE
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/
reference_id DIKWISWUDFT2FAITYIA6372BVLH3OOOC
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/
18
reference_url https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode
reference_id git.txt-codeGITCEILINGDIRECTORIEScode
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode
19
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://security.gentoo.org/glsa/202312-15
20
reference_url https://support.apple.com/kb/HT213261
reference_id HT213261
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://support.apple.com/kb/HT213261
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/
reference_id HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/
22
reference_url https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html
reference_id msg00025.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html
23
reference_url https://access.redhat.com/errata/RHSA-2023:2319
reference_id RHSA-2023:2319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2319
24
reference_url https://access.redhat.com/errata/RHSA-2023:2859
reference_id RHSA-2023:2859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2859
25
reference_url https://access.redhat.com/errata/RHSA-2024:0407
reference_id RHSA-2024:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0407
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
reference_id SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/
reference_id TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/
28
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/
reference_id UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/
29
reference_url https://usn.ubuntu.com/5376-1/
reference_id USN-5376-1
reference_type
scores
url https://usn.ubuntu.com/5376-1/
30
reference_url https://usn.ubuntu.com/5376-2/
reference_id USN-5376-2
reference_type
scores
url https://usn.ubuntu.com/5376-2/
31
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/
reference_id YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2022-24765
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-415p-yw6x-mucy
9
url VCID-44s3-56w5-jqhy
vulnerability_id VCID-44s3-56w5-jqhy
summary Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48384
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.64639
published_at 2026-04-02T12:55:00Z
1
value 0.00472
scoring_system epss
scoring_elements 0.64713
published_at 2026-04-18T12:55:00Z
2
value 0.00472
scoring_system epss
scoring_elements 0.64694
published_at 2026-04-12T12:55:00Z
3
value 0.00472
scoring_system epss
scoring_elements 0.64666
published_at 2026-04-13T12:55:00Z
4
value 0.00472
scoring_system epss
scoring_elements 0.64701
published_at 2026-04-16T12:55:00Z
5
value 0.00472
scoring_system epss
scoring_elements 0.64667
published_at 2026-04-04T12:55:00Z
6
value 0.00472
scoring_system epss
scoring_elements 0.64625
published_at 2026-04-07T12:55:00Z
7
value 0.00472
scoring_system epss
scoring_elements 0.64673
published_at 2026-04-08T12:55:00Z
8
value 0.00472
scoring_system epss
scoring_elements 0.64689
published_at 2026-04-09T12:55:00Z
9
value 0.00472
scoring_system epss
scoring_elements 0.64705
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48384
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
reference_id 1108983
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2378806
reference_id 2378806
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2378806
6
reference_url https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9
reference_id GHSA-vwqx-4fm8-6qc9
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-26T03:55:23Z/
url https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9
7
reference_url https://security.gentoo.org/glsa/202507-09
reference_id GLSA-202507-09
reference_type
scores
url https://security.gentoo.org/glsa/202507-09
8
reference_url https://access.redhat.com/errata/RHSA-2025:11462
reference_id RHSA-2025:11462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11462
9
reference_url https://access.redhat.com/errata/RHSA-2025:11533
reference_id RHSA-2025:11533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11533
10
reference_url https://access.redhat.com/errata/RHSA-2025:11534
reference_id RHSA-2025:11534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11534
11
reference_url https://access.redhat.com/errata/RHSA-2025:11686
reference_id RHSA-2025:11686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11686
12
reference_url https://access.redhat.com/errata/RHSA-2025:11688
reference_id RHSA-2025:11688
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11688
13
reference_url https://access.redhat.com/errata/RHSA-2025:11793
reference_id RHSA-2025:11793
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11793
14
reference_url https://access.redhat.com/errata/RHSA-2025:11794
reference_id RHSA-2025:11794
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11794
15
reference_url https://access.redhat.com/errata/RHSA-2025:11795
reference_id RHSA-2025:11795
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11795
16
reference_url https://access.redhat.com/errata/RHSA-2025:11796
reference_id RHSA-2025:11796
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11796
17
reference_url https://access.redhat.com/errata/RHSA-2025:11800
reference_id RHSA-2025:11800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11800
18
reference_url https://access.redhat.com/errata/RHSA-2025:11801
reference_id RHSA-2025:11801
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11801
19
reference_url https://access.redhat.com/errata/RHSA-2025:13276
reference_id RHSA-2025:13276
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13276
20
reference_url https://access.redhat.com/errata/RHSA-2025:13325
reference_id RHSA-2025:13325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13325
21
reference_url https://access.redhat.com/errata/RHSA-2025:13933
reference_id RHSA-2025:13933
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13933
22
reference_url https://access.redhat.com/errata/RHSA-2025:14059
reference_id RHSA-2025:14059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14059
23
reference_url https://access.redhat.com/errata/RHSA-2025:14396
reference_id RHSA-2025:14396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14396
24
reference_url https://access.redhat.com/errata/RHSA-2025:14853
reference_id RHSA-2025:14853
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14853
25
reference_url https://access.redhat.com/errata/RHSA-2025:14858
reference_id RHSA-2025:14858
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:14858
26
reference_url https://access.redhat.com/errata/RHSA-2025:15308
reference_id RHSA-2025:15308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15308
27
reference_url https://access.redhat.com/errata/RHSA-2025:15672
reference_id RHSA-2025:15672
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15672
28
reference_url https://access.redhat.com/errata/RHSA-2025:15827
reference_id RHSA-2025:15827
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15827
29
reference_url https://access.redhat.com/errata/RHSA-2025:15828
reference_id RHSA-2025:15828
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15828
30
reference_url https://usn.ubuntu.com/7626-1/
reference_id USN-7626-1
reference_type
scores
url https://usn.ubuntu.com/7626-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2025-48384
risk_score 10.0
exploitability 2.0
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44s3-56w5-jqhy
10
url VCID-6uub-fxap-pbfa
vulnerability_id VCID-6uub-fxap-pbfa
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23521.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23521.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-23521
reference_id
reference_type
scores
0
value 0.12292
scoring_system epss
scoring_elements 0.93831
published_at 2026-04-02T12:55:00Z
1
value 0.12292
scoring_system epss
scoring_elements 0.93888
published_at 2026-04-18T12:55:00Z
2
value 0.12292
scoring_system epss
scoring_elements 0.9384
published_at 2026-04-04T12:55:00Z
3
value 0.12292
scoring_system epss
scoring_elements 0.93843
published_at 2026-04-07T12:55:00Z
4
value 0.12292
scoring_system epss
scoring_elements 0.93851
published_at 2026-04-08T12:55:00Z
5
value 0.12292
scoring_system epss
scoring_elements 0.93855
published_at 2026-04-09T12:55:00Z
6
value 0.12292
scoring_system epss
scoring_elements 0.9386
published_at 2026-04-13T12:55:00Z
7
value 0.12292
scoring_system epss
scoring_elements 0.93882
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-23521
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114
reference_id 1029114
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2162055
reference_id 2162055
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2162055
11
reference_url https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76
reference_id 508386c6c5857b4faa2c3e491f422c98cc69ae76
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:25Z/
url https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76
12
reference_url https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89
reference_id GHSA-c738-c5qq-xg89
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:25Z/
url https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89
13
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:25Z/
url https://security.gentoo.org/glsa/202312-15
14
reference_url https://access.redhat.com/errata/RHSA-2023:0596
reference_id RHSA-2023:0596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0596
15
reference_url https://access.redhat.com/errata/RHSA-2023:0597
reference_id RHSA-2023:0597
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0597
16
reference_url https://access.redhat.com/errata/RHSA-2023:0599
reference_id RHSA-2023:0599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0599
17
reference_url https://access.redhat.com/errata/RHSA-2023:0609
reference_id RHSA-2023:0609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0609
18
reference_url https://access.redhat.com/errata/RHSA-2023:0610
reference_id RHSA-2023:0610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0610
19
reference_url https://access.redhat.com/errata/RHSA-2023:0611
reference_id RHSA-2023:0611
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0611
20
reference_url https://access.redhat.com/errata/RHSA-2023:0627
reference_id RHSA-2023:0627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0627
21
reference_url https://access.redhat.com/errata/RHSA-2023:0628
reference_id RHSA-2023:0628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0628
22
reference_url https://access.redhat.com/errata/RHSA-2023:0978
reference_id RHSA-2023:0978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0978
23
reference_url https://access.redhat.com/errata/RHSA-2023:1677
reference_id RHSA-2023:1677
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1677
24
reference_url https://usn.ubuntu.com/5810-1/
reference_id USN-5810-1
reference_type
scores
url https://usn.ubuntu.com/5810-1/
25
reference_url https://usn.ubuntu.com/5810-3/
reference_id USN-5810-3
reference_type
scores
url https://usn.ubuntu.com/5810-3/
26
reference_url https://usn.ubuntu.com/5810-4/
reference_id USN-5810-4
reference_type
scores
url https://usn.ubuntu.com/5810-4/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2022-23521
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6uub-fxap-pbfa
11
url VCID-6wfy-67je-97h1
vulnerability_id VCID-6wfy-67je-97h1
summary 
A command injection vulnerability in Git may allow remote attackers
    to execute arbitrary code.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:2675
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2675
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000117.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000117.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000117
reference_id
reference_type
scores
0
value 0.76431
scoring_system epss
scoring_elements 0.98924
published_at 2026-04-01T12:55:00Z
1
value 0.76431
scoring_system epss
scoring_elements 0.98939
published_at 2026-04-18T12:55:00Z
2
value 0.76431
scoring_system epss
scoring_elements 0.9893
published_at 2026-04-07T12:55:00Z
3
value 0.76431
scoring_system epss
scoring_elements 0.98932
published_at 2026-04-09T12:55:00Z
4
value 0.76431
scoring_system epss
scoring_elements 0.98934
published_at 2026-04-11T12:55:00Z
5
value 0.76431
scoring_system epss
scoring_elements 0.98935
published_at 2026-04-13T12:55:00Z
6
value 0.76431
scoring_system epss
scoring_elements 0.98937
published_at 2026-04-16T12:55:00Z
7
value 0.76431
scoring_system epss
scoring_elements 0.98925
published_at 2026-04-02T12:55:00Z
8
value 0.76431
scoring_system epss
scoring_elements 0.98928
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000117
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://support.apple.com/HT208103
reference_id
reference_type
scores
url https://support.apple.com/HT208103
6
reference_url https://www.exploit-db.com/exploits/42599/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42599/
7
reference_url https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1466490.html
reference_id
reference_type
scores
url https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1466490.html
8
reference_url http://www.debian.org/security/2017/dsa-3934
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3934
9
reference_url http://www.securityfocus.com/bid/100283
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100283
10
reference_url http://www.securitytracker.com/id/1039131
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039131
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1480386
reference_id 1480386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1480386
12
reference_url https://security.archlinux.org/ASA-201708-6
reference_id ASA-201708-6
reference_type
scores
url https://security.archlinux.org/ASA-201708-6
13
reference_url https://security.archlinux.org/AVG-377
reference_id AVG-377
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-377
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*
65
reference_url https://github.com/rapid7/metasploit-framework/blob/202c936868328a4fe665c9d2ea82b8f8a2610b6e/modules/exploits/multi/http/git_submodule_command_exec.rb
reference_id CVE-2017-1000117
reference_type exploit
scores
url https://github.com/rapid7/metasploit-framework/blob/202c936868328a4fe665c9d2ea82b8f8a2610b6e/modules/exploits/multi/http/git_submodule_command_exec.rb
66
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/remote/42599.rb
reference_id CVE-2017-1000117
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/remote/42599.rb
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000117
reference_id CVE-2017-1000117
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000117
68
reference_url https://security.gentoo.org/glsa/201709-10
reference_id GLSA-201709-10
reference_type
scores
url https://security.gentoo.org/glsa/201709-10
69
reference_url https://access.redhat.com/errata/RHSA-2017:2484
reference_id RHSA-2017:2484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2484
70
reference_url https://access.redhat.com/errata/RHSA-2017:2485
reference_id RHSA-2017:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2485
71
reference_url https://access.redhat.com/errata/RHSA-2017:2491
reference_id RHSA-2017:2491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2491
72
reference_url https://access.redhat.com/errata/RHSA-2017:2674
reference_id RHSA-2017:2674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2674
73
reference_url https://usn.ubuntu.com/3387-1/
reference_id USN-3387-1
reference_type
scores
url https://usn.ubuntu.com/3387-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2017-1000117
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wfy-67je-97h1
12
url VCID-7s2v-tjh1-pfb9
vulnerability_id VCID-7s2v-tjh1-pfb9
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17456.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17456.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17456
reference_id
reference_type
scores
0
value 0.66226
scoring_system epss
scoring_elements 0.98512
published_at 2026-04-01T12:55:00Z
1
value 0.66226
scoring_system epss
scoring_elements 0.9853
published_at 2026-04-18T12:55:00Z
2
value 0.66226
scoring_system epss
scoring_elements 0.98523
published_at 2026-04-13T12:55:00Z
3
value 0.66226
scoring_system epss
scoring_elements 0.98529
published_at 2026-04-16T12:55:00Z
4
value 0.66226
scoring_system epss
scoring_elements 0.98514
published_at 2026-04-02T12:55:00Z
5
value 0.66226
scoring_system epss
scoring_elements 0.98516
published_at 2026-04-07T12:55:00Z
6
value 0.66226
scoring_system epss
scoring_elements 0.9852
published_at 2026-04-08T12:55:00Z
7
value 0.66226
scoring_system epss
scoring_elements 0.98521
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17456
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1636619
reference_id 1636619
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1636619
5
reference_url https://security.archlinux.org/ASA-201810-7
reference_id ASA-201810-7
reference_type
scores
url https://security.archlinux.org/ASA-201810-7
6
reference_url https://security.archlinux.org/AVG-776
reference_id AVG-776
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-776
7
reference_url https://gist.github.com/joernchen/38dd6400199a542bc9660ea563dcf2b6
reference_id CVE-2018-17456
reference_type exploit
scores
url https://gist.github.com/joernchen/38dd6400199a542bc9660ea563dcf2b6
8
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45548.txt
reference_id CVE-2018-17456
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45548.txt
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45631.md
reference_id CVE-2018-17456
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45631.md
10
reference_url https://marc.info/?l=git&m=153875888916397&w=2
reference_id CVE-2018-17456
reference_type exploit
scores
url https://marc.info/?l=git&m=153875888916397&w=2
11
reference_url https://access.redhat.com/errata/RHSA-2018:3408
reference_id RHSA-2018:3408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3408
12
reference_url https://access.redhat.com/errata/RHSA-2018:3541
reference_id RHSA-2018:3541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3541
13
reference_url https://access.redhat.com/errata/RHSA-2020:0316
reference_id RHSA-2020:0316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0316
14
reference_url https://usn.ubuntu.com/3791-1/
reference_id USN-3791-1
reference_type
scores
url https://usn.ubuntu.com/3791-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2018-17456
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s2v-tjh1-pfb9
13
url VCID-7wv5-e9br-nqbd
vulnerability_id VCID-7wv5-e9br-nqbd
summary 
Multiple vulnerabilities have been found in libgit2, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1387
reference_id
reference_type
scores
0
value 0.02175
scoring_system epss
scoring_elements 0.84335
published_at 2026-04-12T12:55:00Z
1
value 0.02175
scoring_system epss
scoring_elements 0.84342
published_at 2026-04-11T12:55:00Z
2
value 0.02175
scoring_system epss
scoring_elements 0.84354
published_at 2026-04-18T12:55:00Z
3
value 0.02175
scoring_system epss
scoring_elements 0.84324
published_at 2026-04-09T12:55:00Z
4
value 0.02175
scoring_system epss
scoring_elements 0.84353
published_at 2026-04-16T12:55:00Z
5
value 0.02175
scoring_system epss
scoring_elements 0.84331
published_at 2026-04-13T12:55:00Z
6
value 0.02358
scoring_system epss
scoring_elements 0.84877
published_at 2026-04-04T12:55:00Z
7
value 0.02358
scoring_system epss
scoring_elements 0.84858
published_at 2026-04-02T12:55:00Z
8
value 0.02358
scoring_system epss
scoring_elements 0.84878
published_at 2026-04-07T12:55:00Z
9
value 0.02358
scoring_system epss
scoring_elements 0.84843
published_at 2026-04-01T12:55:00Z
10
value 0.02358
scoring_system epss
scoring_elements 0.84901
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781127
reference_id 1781127
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781127
8
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
9
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
10
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
11
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
12
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://security.gentoo.org/glsa/202003-30
13
reference_url https://security.gentoo.org/glsa/202003-42
reference_id GLSA-202003-42
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://security.gentoo.org/glsa/202003-42
14
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
15
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html
reference_id msg00019.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html
16
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/
reference_id N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/
18
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2019:4356
19
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2020:0002
20
reference_url https://access.redhat.com/errata/RHSA-2020:0124
reference_id RHSA-2020:0124
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2020:0124
21
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2020:0228
22
reference_url https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u
reference_id #u
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u
23
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
24
reference_url https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/
reference_id xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
1
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2019-1387
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wv5-e9br-nqbd
14
url VCID-9ngj-sk96-kyh5
vulnerability_id VCID-9ngj-sk96-kyh5
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29007.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29007.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-29007
reference_id
reference_type
scores
0
value 0.00825
scoring_system epss
scoring_elements 0.74413
published_at 2026-04-02T12:55:00Z
1
value 0.00825
scoring_system epss
scoring_elements 0.7444
published_at 2026-04-04T12:55:00Z
2
value 0.00825
scoring_system epss
scoring_elements 0.74415
published_at 2026-04-07T12:55:00Z
3
value 0.00825
scoring_system epss
scoring_elements 0.74447
published_at 2026-04-08T12:55:00Z
4
value 0.00825
scoring_system epss
scoring_elements 0.74464
published_at 2026-04-09T12:55:00Z
5
value 0.00825
scoring_system epss
scoring_elements 0.74486
published_at 2026-04-11T12:55:00Z
6
value 0.00825
scoring_system epss
scoring_elements 0.74466
published_at 2026-04-12T12:55:00Z
7
value 0.00825
scoring_system epss
scoring_elements 0.74457
published_at 2026-04-13T12:55:00Z
8
value 0.00825
scoring_system epss
scoring_elements 0.74495
published_at 2026-04-16T12:55:00Z
9
value 0.00825
scoring_system epss
scoring_elements 0.74502
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-29007
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29007
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29007
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
reference_id 1034835
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2188338
reference_id 2188338
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2188338
6
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
url https://security.gentoo.org/glsa/202312-15
7
reference_url https://access.redhat.com/errata/RHSA-2023:3192
reference_id RHSA-2023:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3192
8
reference_url https://access.redhat.com/errata/RHSA-2023:3243
reference_id RHSA-2023:3243
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3243
9
reference_url https://access.redhat.com/errata/RHSA-2023:3245
reference_id RHSA-2023:3245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3245
10
reference_url https://access.redhat.com/errata/RHSA-2023:3246
reference_id RHSA-2023:3246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3246
11
reference_url https://access.redhat.com/errata/RHSA-2023:3247
reference_id RHSA-2023:3247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3247
12
reference_url https://access.redhat.com/errata/RHSA-2023:3248
reference_id RHSA-2023:3248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3248
13
reference_url https://access.redhat.com/errata/RHSA-2023:3263
reference_id RHSA-2023:3263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3263
14
reference_url https://access.redhat.com/errata/RHSA-2023:3280
reference_id RHSA-2023:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3280
15
reference_url https://access.redhat.com/errata/RHSA-2023:3382
reference_id RHSA-2023:3382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3382
16
reference_url https://usn.ubuntu.com/6050-1/
reference_id USN-6050-1
reference_type
scores
url https://usn.ubuntu.com/6050-1/
17
reference_url https://usn.ubuntu.com/6050-2/
reference_id USN-6050-2
reference_type
scores
url https://usn.ubuntu.com/6050-2/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2023-29007
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ngj-sk96-kyh5
15
url VCID-apjt-gm8p-q7bg
vulnerability_id VCID-apjt-gm8p-q7bg
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1354.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1354.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1354
reference_id
reference_type
scores
0
value 0.26102
scoring_system epss
scoring_elements 0.96298
published_at 2026-04-18T12:55:00Z
1
value 0.26102
scoring_system epss
scoring_elements 0.96294
published_at 2026-04-16T12:55:00Z
2
value 0.26102
scoring_system epss
scoring_elements 0.96246
published_at 2026-04-01T12:55:00Z
3
value 0.26102
scoring_system epss
scoring_elements 0.96253
published_at 2026-04-02T12:55:00Z
4
value 0.26102
scoring_system epss
scoring_elements 0.96261
published_at 2026-04-04T12:55:00Z
5
value 0.26102
scoring_system epss
scoring_elements 0.96265
published_at 2026-04-07T12:55:00Z
6
value 0.26102
scoring_system epss
scoring_elements 0.96274
published_at 2026-04-08T12:55:00Z
7
value 0.26102
scoring_system epss
scoring_elements 0.96277
published_at 2026-04-09T12:55:00Z
8
value 0.26102
scoring_system epss
scoring_elements 0.96282
published_at 2026-04-11T12:55:00Z
9
value 0.26102
scoring_system epss
scoring_elements 0.96281
published_at 2026-04-12T12:55:00Z
10
value 0.26102
scoring_system epss
scoring_elements 0.96285
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1354
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781968
reference_id 1781968
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781968
5
reference_url https://security.archlinux.org/AVG-1074
reference_id AVG-1074
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1074
6
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
7
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1354
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-apjt-gm8p-q7bg
16
url VCID-bkt1-jmy5-gbbf
vulnerability_id VCID-bkt1-jmy5-gbbf
summary git: symlink bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32021.json
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32021.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32021
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05527
published_at 2026-04-18T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05519
published_at 2026-04-02T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.05555
published_at 2026-04-04T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05554
published_at 2026-04-07T12:55:00Z
4
value 0.00021
scoring_system epss
scoring_elements 0.05592
published_at 2026-04-08T12:55:00Z
5
value 0.00021
scoring_system epss
scoring_elements 0.05616
published_at 2026-04-09T12:55:00Z
6
value 0.00021
scoring_system epss
scoring_elements 0.05587
published_at 2026-04-11T12:55:00Z
7
value 0.00021
scoring_system epss
scoring_elements 0.05577
published_at 2026-04-12T12:55:00Z
8
value 0.00021
scoring_system epss
scoring_elements 0.0557
published_at 2026-04-13T12:55:00Z
9
value 0.00021
scoring_system epss
scoring_elements 0.05518
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32021
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32021
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32021
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id 1071160
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
5
reference_url http://www.openwall.com/lists/oss-security/2024/05/14/2
reference_id 2
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/
url http://www.openwall.com/lists/oss-security/2024/05/14/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2280484
reference_id 2280484
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2280484
7
reference_url https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7
reference_id GHSA-mvxm-9j2h-qjx7
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/
url https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7
8
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
9
reference_url https://access.redhat.com/errata/RHSA-2024:4083
reference_id RHSA-2024:4083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4083
10
reference_url https://access.redhat.com/errata/RHSA-2024:4084
reference_id RHSA-2024:4084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4084
11
reference_url https://access.redhat.com/errata/RHSA-2024:4368
reference_id RHSA-2024:4368
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4368
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
reference_id S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
13
reference_url https://usn.ubuntu.com/6793-1/
reference_id USN-6793-1
reference_type
scores
url https://usn.ubuntu.com/6793-1/
14
reference_url https://usn.ubuntu.com/7023-1/
reference_id USN-7023-1
reference_type
scores
url https://usn.ubuntu.com/7023-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2024-32021
risk_score 1.8
exploitability 0.5
weighted_severity 3.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bkt1-jmy5-gbbf
17
url VCID-bn42-x9ez-f7ee
vulnerability_id VCID-bn42-x9ez-f7ee
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39253.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39253.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-39253
reference_id
reference_type
scores
0
value 0.02794
scoring_system epss
scoring_elements 0.8604
published_at 2026-04-02T12:55:00Z
1
value 0.02794
scoring_system epss
scoring_elements 0.86057
published_at 2026-04-07T12:55:00Z
2
value 0.02794
scoring_system epss
scoring_elements 0.86076
published_at 2026-04-08T12:55:00Z
3
value 0.02794
scoring_system epss
scoring_elements 0.86087
published_at 2026-04-09T12:55:00Z
4
value 0.02794
scoring_system epss
scoring_elements 0.86101
published_at 2026-04-11T12:55:00Z
5
value 0.02794
scoring_system epss
scoring_elements 0.86098
published_at 2026-04-12T12:55:00Z
6
value 0.02794
scoring_system epss
scoring_elements 0.86094
published_at 2026-04-13T12:55:00Z
7
value 0.02794
scoring_system epss
scoring_elements 0.86111
published_at 2026-04-16T12:55:00Z
8
value 0.02794
scoring_system epss
scoring_elements 0.86116
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-39253
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046
reference_id 1022046
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2137422
reference_id 2137422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2137422
11
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
url https://security.gentoo.org/glsa/202312-15
12
reference_url https://access.redhat.com/errata/RHSA-2023:2319
reference_id RHSA-2023:2319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2319
13
reference_url https://access.redhat.com/errata/RHSA-2023:2859
reference_id RHSA-2023:2859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2859
14
reference_url https://access.redhat.com/errata/RHSA-2024:0407
reference_id RHSA-2024:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0407
15
reference_url https://usn.ubuntu.com/5686-1/
reference_id USN-5686-1
reference_type
scores
url https://usn.ubuntu.com/5686-1/
16
reference_url https://usn.ubuntu.com/5686-3/
reference_id USN-5686-3
reference_type
scores
url https://usn.ubuntu.com/5686-3/
17
reference_url https://usn.ubuntu.com/5686-4/
reference_id USN-5686-4
reference_type
scores
url https://usn.ubuntu.com/5686-4/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2022-39253
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bn42-x9ez-f7ee
18
url VCID-e33d-r9kx-aucw
vulnerability_id VCID-e33d-r9kx-aucw
summary git: additional local RCE
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32465.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32465.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32465
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.36205
published_at 2026-04-18T12:55:00Z
1
value 0.00155
scoring_system epss
scoring_elements 0.36301
published_at 2026-04-02T12:55:00Z
2
value 0.00155
scoring_system epss
scoring_elements 0.36334
published_at 2026-04-04T12:55:00Z
3
value 0.00155
scoring_system epss
scoring_elements 0.36168
published_at 2026-04-07T12:55:00Z
4
value 0.00155
scoring_system epss
scoring_elements 0.36218
published_at 2026-04-08T12:55:00Z
5
value 0.00155
scoring_system epss
scoring_elements 0.36236
published_at 2026-04-09T12:55:00Z
6
value 0.00155
scoring_system epss
scoring_elements 0.36241
published_at 2026-04-11T12:55:00Z
7
value 0.00155
scoring_system epss
scoring_elements 0.36204
published_at 2026-04-12T12:55:00Z
8
value 0.00155
scoring_system epss
scoring_elements 0.36179
published_at 2026-04-13T12:55:00Z
9
value 0.00155
scoring_system epss
scoring_elements 0.36221
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32465
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32465
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32465
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id 1071160
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
5
reference_url http://www.openwall.com/lists/oss-security/2024/05/14/2
reference_id 2
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/
url http://www.openwall.com/lists/oss-security/2024/05/14/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2280446
reference_id 2280446
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2280446
7
reference_url https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7
reference_id 7b70e9efb18c2cc3f219af399bd384c5801ba1d7
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/
url https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7
8
reference_url https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4
reference_id GHSA-vm9j-46j9-qvq4
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/
url https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4
9
reference_url https://git-scm.com/docs/git-clone
reference_id git-clone
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/
url https://git-scm.com/docs/git-clone
10
reference_url https://git-scm.com/docs/git#_security
reference_id git#_security
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/
url https://git-scm.com/docs/git#_security
11
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
12
reference_url https://access.redhat.com/errata/RHSA-2024:4083
reference_id RHSA-2024:4083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4083
13
reference_url https://access.redhat.com/errata/RHSA-2024:4084
reference_id RHSA-2024:4084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4084
14
reference_url https://access.redhat.com/errata/RHSA-2024:4368
reference_id RHSA-2024:4368
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4368
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
reference_id S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
16
reference_url https://usn.ubuntu.com/6793-1/
reference_id USN-6793-1
reference_type
scores
url https://usn.ubuntu.com/6793-1/
17
reference_url https://usn.ubuntu.com/7023-1/
reference_id USN-7023-1
reference_type
scores
url https://usn.ubuntu.com/7023-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2024-32465
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e33d-r9kx-aucw
19
url VCID-fmwm-yd3f-muh3
vulnerability_id VCID-fmwm-yd3f-muh3
summary 
Multiple vulnerabilities have been found in libgit2, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1350.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1350.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1350
reference_id
reference_type
scores
0
value 0.37523
scoring_system epss
scoring_elements 0.97197
published_at 2026-04-18T12:55:00Z
1
value 0.37523
scoring_system epss
scoring_elements 0.97158
published_at 2026-04-01T12:55:00Z
2
value 0.37523
scoring_system epss
scoring_elements 0.97165
published_at 2026-04-02T12:55:00Z
3
value 0.37523
scoring_system epss
scoring_elements 0.9717
published_at 2026-04-04T12:55:00Z
4
value 0.37523
scoring_system epss
scoring_elements 0.97171
published_at 2026-04-07T12:55:00Z
5
value 0.37523
scoring_system epss
scoring_elements 0.97181
published_at 2026-04-08T12:55:00Z
6
value 0.37523
scoring_system epss
scoring_elements 0.97182
published_at 2026-04-09T12:55:00Z
7
value 0.37523
scoring_system epss
scoring_elements 0.97186
published_at 2026-04-11T12:55:00Z
8
value 0.37523
scoring_system epss
scoring_elements 0.97187
published_at 2026-04-13T12:55:00Z
9
value 0.37523
scoring_system epss
scoring_elements 0.97195
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1350
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781958
reference_id 1781958
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781958
4
reference_url https://security.archlinux.org/AVG-1074
reference_id AVG-1074
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1074
5
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
6
reference_url https://security.gentoo.org/glsa/202003-42
reference_id GLSA-202003-42
reference_type
scores
url https://security.gentoo.org/glsa/202003-42
7
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1350
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fmwm-yd3f-muh3
20
url VCID-frhz-f158-v7be
vulnerability_id VCID-frhz-f158-v7be
summary 
Multiple vulnerabilities have been found in Git which might all
    allow attackers to access sensitive information.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
2
reference_url http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5260.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5260.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5260
reference_id
reference_type
scores
0
value 0.32539
scoring_system epss
scoring_elements 0.9683
published_at 2026-04-01T12:55:00Z
1
value 0.32539
scoring_system epss
scoring_elements 0.96869
published_at 2026-04-18T12:55:00Z
2
value 0.32539
scoring_system epss
scoring_elements 0.96853
published_at 2026-04-09T12:55:00Z
3
value 0.32539
scoring_system epss
scoring_elements 0.96856
published_at 2026-04-11T12:55:00Z
4
value 0.32539
scoring_system epss
scoring_elements 0.96857
published_at 2026-04-12T12:55:00Z
5
value 0.32539
scoring_system epss
scoring_elements 0.96858
published_at 2026-04-13T12:55:00Z
6
value 0.32539
scoring_system epss
scoring_elements 0.96865
published_at 2026-04-16T12:55:00Z
7
value 0.32539
scoring_system epss
scoring_elements 0.96838
published_at 2026-04-02T12:55:00Z
8
value 0.32539
scoring_system epss
scoring_elements 0.96839
published_at 2026-04-04T12:55:00Z
9
value 0.32539
scoring_system epss
scoring_elements 0.96844
published_at 2026-04-07T12:55:00Z
10
value 0.32539
scoring_system epss
scoring_elements 0.96852
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5260
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
reference_id
reference_type
scores
url https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
8
reference_url https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/
14
reference_url https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/
reference_id
reference_type
scores
url https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/
15
reference_url https://support.apple.com/kb/HT211141
reference_id
reference_type
scores
url https://support.apple.com/kb/HT211141
16
reference_url https://www.debian.org/security/2020/dsa-4657
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4657
17
reference_url http://www.openwall.com/lists/oss-security/2020/04/15/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/15/5
18
reference_url http://www.openwall.com/lists/oss-security/2020/04/15/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/15/6
19
reference_url http://www.openwall.com/lists/oss-security/2020/04/20/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/20/1
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1822020
reference_id 1822020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1822020
21
reference_url https://security.archlinux.org/ASA-202004-13
reference_id ASA-202004-13
reference_type
scores
url https://security.archlinux.org/ASA-202004-13
22
reference_url https://security.archlinux.org/AVG-1133
reference_id AVG-1133
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1133
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-5260
reference_id CVE-2020-5260
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-5260
36
reference_url https://security.gentoo.org/glsa/202004-13
reference_id GLSA-202004-13
reference_type
scores
url https://security.gentoo.org/glsa/202004-13
37
reference_url https://access.redhat.com/errata/RHSA-2020:1503
reference_id RHSA-2020:1503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1503
38
reference_url https://access.redhat.com/errata/RHSA-2020:1511
reference_id RHSA-2020:1511
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1511
39
reference_url https://access.redhat.com/errata/RHSA-2020:1513
reference_id RHSA-2020:1513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1513
40
reference_url https://access.redhat.com/errata/RHSA-2020:1518
reference_id RHSA-2020:1518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1518
41
reference_url https://access.redhat.com/errata/RHSA-2020:3581
reference_id RHSA-2020:3581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3581
42
reference_url https://usn.ubuntu.com/4329-1/
reference_id USN-4329-1
reference_type
scores
url https://usn.ubuntu.com/4329-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
1
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2020-5260
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-frhz-f158-v7be
21
url VCID-h8as-wpes-q7eq
vulnerability_id VCID-h8as-wpes-q7eq
summary A vulnerability has been found in libgit2 which could result in privilege escalation.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29187.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29187.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29187
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21647
published_at 2026-04-18T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21642
published_at 2026-04-13T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.2164
published_at 2026-04-16T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21788
published_at 2026-04-02T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21841
published_at 2026-04-04T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21594
published_at 2026-04-07T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.2167
published_at 2026-04-08T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21727
published_at 2026-04-09T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21738
published_at 2026-04-11T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21699
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29187
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014848
reference_id 1014848
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014848
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2107439
reference_id 2107439
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2107439
11
reference_url https://security.archlinux.org/AVG-2778
reference_id AVG-2778
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2778
12
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
url https://security.gentoo.org/glsa/202312-15
13
reference_url https://security.gentoo.org/glsa/202401-17
reference_id GLSA-202401-17
reference_type
scores
url https://security.gentoo.org/glsa/202401-17
14
reference_url https://access.redhat.com/errata/RHSA-2023:2319
reference_id RHSA-2023:2319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2319
15
reference_url https://access.redhat.com/errata/RHSA-2023:2859
reference_id RHSA-2023:2859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2859
16
reference_url https://access.redhat.com/errata/RHSA-2024:0407
reference_id RHSA-2024:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0407
17
reference_url https://usn.ubuntu.com/5511-1/
reference_id USN-5511-1
reference_type
scores
url https://usn.ubuntu.com/5511-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2022-29187
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8as-wpes-q7eq
22
url VCID-hr22-p62n-hqd9
vulnerability_id VCID-hr22-p62n-hqd9
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25652.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25652.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25652
reference_id
reference_type
scores
0
value 0.01801
scoring_system epss
scoring_elements 0.82742
published_at 2026-04-02T12:55:00Z
1
value 0.01801
scoring_system epss
scoring_elements 0.8283
published_at 2026-04-18T12:55:00Z
2
value 0.01801
scoring_system epss
scoring_elements 0.82756
published_at 2026-04-04T12:55:00Z
3
value 0.01801
scoring_system epss
scoring_elements 0.82753
published_at 2026-04-07T12:55:00Z
4
value 0.01801
scoring_system epss
scoring_elements 0.82779
published_at 2026-04-08T12:55:00Z
5
value 0.01801
scoring_system epss
scoring_elements 0.82785
published_at 2026-04-09T12:55:00Z
6
value 0.01801
scoring_system epss
scoring_elements 0.82802
published_at 2026-04-11T12:55:00Z
7
value 0.01801
scoring_system epss
scoring_elements 0.82797
published_at 2026-04-12T12:55:00Z
8
value 0.01801
scoring_system epss
scoring_elements 0.82792
published_at 2026-04-13T12:55:00Z
9
value 0.01801
scoring_system epss
scoring_elements 0.82831
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25652
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25652
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25652
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
reference_id 1034835
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
5
reference_url https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902
reference_id 18e2b1cfc80990719275d7b08e6e50f3e8cbc902
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902
6
reference_url http://www.openwall.com/lists/oss-security/2023/04/25/2
reference_id 2
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url http://www.openwall.com/lists/oss-security/2023/04/25/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2188333
reference_id 2188333
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2188333
8
reference_url https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e
reference_id 668f2d53613ac8fd373926ebe219f2c29112d93e
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/
reference_id BSXOGVVBJLYX26IAYX6PJSYQB36BREWH
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/
10
reference_url https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx
reference_id GHSA-2hvf-7c8p-28fx
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx
11
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://security.gentoo.org/glsa/202312-15
12
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/
reference_id PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/
14
reference_url https://access.redhat.com/errata/RHSA-2023:3192
reference_id RHSA-2023:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3192
15
reference_url https://access.redhat.com/errata/RHSA-2023:3243
reference_id RHSA-2023:3243
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3243
16
reference_url https://access.redhat.com/errata/RHSA-2023:3245
reference_id RHSA-2023:3245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3245
17
reference_url https://access.redhat.com/errata/RHSA-2023:3246
reference_id RHSA-2023:3246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3246
18
reference_url https://access.redhat.com/errata/RHSA-2023:3247
reference_id RHSA-2023:3247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3247
19
reference_url https://access.redhat.com/errata/RHSA-2023:3248
reference_id RHSA-2023:3248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3248
20
reference_url https://access.redhat.com/errata/RHSA-2023:3263
reference_id RHSA-2023:3263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3263
21
reference_url https://access.redhat.com/errata/RHSA-2023:3280
reference_id RHSA-2023:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3280
22
reference_url https://access.redhat.com/errata/RHSA-2023:3382
reference_id RHSA-2023:3382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3382
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/
reference_id RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/
24
reference_url https://usn.ubuntu.com/6050-1/
reference_id USN-6050-1
reference_type
scores
url https://usn.ubuntu.com/6050-1/
25
reference_url https://usn.ubuntu.com/6050-2/
reference_id USN-6050-2
reference_type
scores
url https://usn.ubuntu.com/6050-2/
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/
reference_id YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2023-25652
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hr22-p62n-hqd9
23
url VCID-m5ss-32kw-tyf7
vulnerability_id VCID-m5ss-32kw-tyf7
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1351.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1351.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1351
reference_id
reference_type
scores
0
value 0.22642
scoring_system epss
scoring_elements 0.95872
published_at 2026-04-18T12:55:00Z
1
value 0.22642
scoring_system epss
scoring_elements 0.9582
published_at 2026-04-01T12:55:00Z
2
value 0.22642
scoring_system epss
scoring_elements 0.95828
published_at 2026-04-02T12:55:00Z
3
value 0.22642
scoring_system epss
scoring_elements 0.95837
published_at 2026-04-04T12:55:00Z
4
value 0.22642
scoring_system epss
scoring_elements 0.95839
published_at 2026-04-07T12:55:00Z
5
value 0.22642
scoring_system epss
scoring_elements 0.95848
published_at 2026-04-08T12:55:00Z
6
value 0.22642
scoring_system epss
scoring_elements 0.95851
published_at 2026-04-09T12:55:00Z
7
value 0.22642
scoring_system epss
scoring_elements 0.95854
published_at 2026-04-12T12:55:00Z
8
value 0.22642
scoring_system epss
scoring_elements 0.95855
published_at 2026-04-13T12:55:00Z
9
value 0.22642
scoring_system epss
scoring_elements 0.95867
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1351
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781960
reference_id 1781960
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781960
4
reference_url https://security.archlinux.org/AVG-1074
reference_id AVG-1074
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1074
5
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
6
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1351
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ss-32kw-tyf7
24
url VCID-m64b-xncz-6khh
vulnerability_id VCID-m64b-xncz-6khh
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14867.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14867.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14867
reference_id
reference_type
scores
0
value 0.06534
scoring_system epss
scoring_elements 0.91147
published_at 2026-04-18T12:55:00Z
1
value 0.06968
scoring_system epss
scoring_elements 0.914
published_at 2026-04-01T12:55:00Z
2
value 0.06968
scoring_system epss
scoring_elements 0.91447
published_at 2026-04-11T12:55:00Z
3
value 0.06968
scoring_system epss
scoring_elements 0.9145
published_at 2026-04-12T12:55:00Z
4
value 0.06968
scoring_system epss
scoring_elements 0.91449
published_at 2026-04-13T12:55:00Z
5
value 0.06968
scoring_system epss
scoring_elements 0.91473
published_at 2026-04-16T12:55:00Z
6
value 0.06968
scoring_system epss
scoring_elements 0.91406
published_at 2026-04-02T12:55:00Z
7
value 0.06968
scoring_system epss
scoring_elements 0.91415
published_at 2026-04-04T12:55:00Z
8
value 0.06968
scoring_system epss
scoring_elements 0.91423
published_at 2026-04-07T12:55:00Z
9
value 0.06968
scoring_system epss
scoring_elements 0.91435
published_at 2026-04-08T12:55:00Z
10
value 0.06968
scoring_system epss
scoring_elements 0.91441
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14867
2
reference_url https://bugs.debian.org/876854
reference_id
reference_type
scores
url https://bugs.debian.org/876854
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14867
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.debian.org/debian-security-announce/2017/msg00246.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-security-announce/2017/msg00246.html
6
reference_url https://public-inbox.org/git/xmqqy3p29ekj.fsf%40gitster.mtv.corp.google.com/T/#u
reference_id
reference_type
scores
url https://public-inbox.org/git/xmqqy3p29ekj.fsf%40gitster.mtv.corp.google.com/T/#u
7
reference_url https://www.debian.org/security/2017/dsa-3984
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3984
8
reference_url http://www.openwall.com/lists/oss-security/2017/09/26/9
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/09/26/9
9
reference_url http://www.securityfocus.com/bid/101060
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101060
10
reference_url http://www.securitytracker.com/id/1039431
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039431
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1496344
reference_id 1496344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1496344
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876854
reference_id 876854
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876854
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14867
reference_id CVE-2017-14867
reference_type
scores
0
value 9.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-14867
34
reference_url https://usn.ubuntu.com/3438-1/
reference_id USN-3438-1
reference_type
scores
url https://usn.ubuntu.com/3438-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2017-14867
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m64b-xncz-6khh
25
url VCID-mhs7-a1hp-dqa3
vulnerability_id VCID-mhs7-a1hp-dqa3
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39260.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39260.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-39260
reference_id
reference_type
scores
0
value 0.01274
scoring_system epss
scoring_elements 0.79489
published_at 2026-04-02T12:55:00Z
1
value 0.02232
scoring_system epss
scoring_elements 0.84499
published_at 2026-04-07T12:55:00Z
2
value 0.02232
scoring_system epss
scoring_elements 0.8452
published_at 2026-04-08T12:55:00Z
3
value 0.02232
scoring_system epss
scoring_elements 0.84526
published_at 2026-04-09T12:55:00Z
4
value 0.02232
scoring_system epss
scoring_elements 0.84545
published_at 2026-04-11T12:55:00Z
5
value 0.02232
scoring_system epss
scoring_elements 0.84539
published_at 2026-04-12T12:55:00Z
6
value 0.02232
scoring_system epss
scoring_elements 0.84535
published_at 2026-04-13T12:55:00Z
7
value 0.02232
scoring_system epss
scoring_elements 0.84556
published_at 2026-04-18T12:55:00Z
8
value 0.02232
scoring_system epss
scoring_elements 0.84497
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-39260
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046
reference_id 1022046
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2137423
reference_id 2137423
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2137423
11
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
url https://security.gentoo.org/glsa/202312-15
12
reference_url https://access.redhat.com/errata/RHSA-2023:2319
reference_id RHSA-2023:2319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2319
13
reference_url https://access.redhat.com/errata/RHSA-2023:2859
reference_id RHSA-2023:2859
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2859
14
reference_url https://access.redhat.com/errata/RHSA-2024:0407
reference_id RHSA-2024:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0407
15
reference_url https://usn.ubuntu.com/5686-1/
reference_id USN-5686-1
reference_type
scores
url https://usn.ubuntu.com/5686-1/
16
reference_url https://usn.ubuntu.com/5686-2/
reference_id USN-5686-2
reference_type
scores
url https://usn.ubuntu.com/5686-2/
17
reference_url https://usn.ubuntu.com/5686-3/
reference_id USN-5686-3
reference_type
scores
url https://usn.ubuntu.com/5686-3/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2022-39260
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mhs7-a1hp-dqa3
26
url VCID-mzyt-2sh3-wydh
vulnerability_id VCID-mzyt-2sh3-wydh
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1352.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1352.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1352
reference_id
reference_type
scores
0
value 0.11038
scoring_system epss
scoring_elements 0.9346
published_at 2026-04-18T12:55:00Z
1
value 0.11038
scoring_system epss
scoring_elements 0.93429
published_at 2026-04-09T12:55:00Z
2
value 0.11038
scoring_system epss
scoring_elements 0.93434
published_at 2026-04-11T12:55:00Z
3
value 0.11038
scoring_system epss
scoring_elements 0.93435
published_at 2026-04-12T12:55:00Z
4
value 0.11038
scoring_system epss
scoring_elements 0.93436
published_at 2026-04-13T12:55:00Z
5
value 0.11038
scoring_system epss
scoring_elements 0.93455
published_at 2026-04-16T12:55:00Z
6
value 0.11847
scoring_system epss
scoring_elements 0.93707
published_at 2026-04-04T12:55:00Z
7
value 0.11847
scoring_system epss
scoring_elements 0.93687
published_at 2026-04-01T12:55:00Z
8
value 0.11847
scoring_system epss
scoring_elements 0.9371
published_at 2026-04-07T12:55:00Z
9
value 0.11847
scoring_system epss
scoring_elements 0.93719
published_at 2026-04-08T12:55:00Z
10
value 0.11847
scoring_system epss
scoring_elements 0.93697
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1352
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781963
reference_id 1781963
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781963
8
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
9
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
10
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
11
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
12
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
13
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4356
14
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0002
15
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0228
16
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
1
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1352
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzyt-2sh3-wydh
27
url VCID-r377-hfyz-pkgz
vulnerability_id VCID-r377-hfyz-pkgz
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19486.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19486.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19486
reference_id
reference_type
scores
0
value 0.00665
scoring_system epss
scoring_elements 0.71165
published_at 2026-04-01T12:55:00Z
1
value 0.00665
scoring_system epss
scoring_elements 0.71174
published_at 2026-04-02T12:55:00Z
2
value 0.00665
scoring_system epss
scoring_elements 0.71191
published_at 2026-04-04T12:55:00Z
3
value 0.00665
scoring_system epss
scoring_elements 0.71166
published_at 2026-04-07T12:55:00Z
4
value 0.00665
scoring_system epss
scoring_elements 0.71208
published_at 2026-04-08T12:55:00Z
5
value 0.00665
scoring_system epss
scoring_elements 0.71222
published_at 2026-04-09T12:55:00Z
6
value 0.00665
scoring_system epss
scoring_elements 0.71244
published_at 2026-04-11T12:55:00Z
7
value 0.00665
scoring_system epss
scoring_elements 0.7123
published_at 2026-04-12T12:55:00Z
8
value 0.00665
scoring_system epss
scoring_elements 0.71214
published_at 2026-04-13T12:55:00Z
9
value 0.00665
scoring_system epss
scoring_elements 0.7126
published_at 2026-04-16T12:55:00Z
10
value 0.00665
scoring_system epss
scoring_elements 0.71267
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19486
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19486
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19486
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1653143
reference_id 1653143
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1653143
5
reference_url https://security.gentoo.org/glsa/201904-13
reference_id GLSA-201904-13
reference_type
scores
url https://security.gentoo.org/glsa/201904-13
6
reference_url https://access.redhat.com/errata/RHSA-2018:3800
reference_id RHSA-2018:3800
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3800
7
reference_url https://usn.ubuntu.com/3829-1/
reference_id USN-3829-1
reference_type
scores
url https://usn.ubuntu.com/3829-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2018-19486
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r377-hfyz-pkgz
28
url VCID-rq4n-gfwv-uqbb
vulnerability_id VCID-rq4n-gfwv-uqbb
summary git: RCE while cloning local repos
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32004.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32004.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32004
reference_id
reference_type
scores
0
value 0.02428
scoring_system epss
scoring_elements 0.85169
published_at 2026-04-18T12:55:00Z
1
value 0.02428
scoring_system epss
scoring_elements 0.85138
published_at 2026-04-09T12:55:00Z
2
value 0.02428
scoring_system epss
scoring_elements 0.85153
published_at 2026-04-11T12:55:00Z
3
value 0.02428
scoring_system epss
scoring_elements 0.8515
published_at 2026-04-12T12:55:00Z
4
value 0.02428
scoring_system epss
scoring_elements 0.85147
published_at 2026-04-13T12:55:00Z
5
value 0.02428
scoring_system epss
scoring_elements 0.85168
published_at 2026-04-16T12:55:00Z
6
value 0.02631
scoring_system epss
scoring_elements 0.85667
published_at 2026-04-08T12:55:00Z
7
value 0.02631
scoring_system epss
scoring_elements 0.85623
published_at 2026-04-02T12:55:00Z
8
value 0.02631
scoring_system epss
scoring_elements 0.85641
published_at 2026-04-04T12:55:00Z
9
value 0.02631
scoring_system epss
scoring_elements 0.85648
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32004
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32004
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32004
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id 1071160
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
5
reference_url http://www.openwall.com/lists/oss-security/2024/05/14/2
reference_id 2
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/
url http://www.openwall.com/lists/oss-security/2024/05/14/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2280428
reference_id 2280428
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2280428
7
reference_url https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8
reference_id f4aa8c8bb11dae6e769cd930565173808cbb69c8
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/
url https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8
8
reference_url https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389
reference_id GHSA-xfc6-vwr8-r389
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/
url https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389
9
reference_url https://git-scm.com/docs/git-clone
reference_id git-clone
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/
url https://git-scm.com/docs/git-clone
10
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
11
reference_url https://access.redhat.com/errata/RHSA-2024:4083
reference_id RHSA-2024:4083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4083
12
reference_url https://access.redhat.com/errata/RHSA-2024:4084
reference_id RHSA-2024:4084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4084
13
reference_url https://access.redhat.com/errata/RHSA-2024:4368
reference_id RHSA-2024:4368
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4368
14
reference_url https://access.redhat.com/errata/RHSA-2024:4579
reference_id RHSA-2024:4579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4579
15
reference_url https://access.redhat.com/errata/RHSA-2024:6027
reference_id RHSA-2024:6027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6027
16
reference_url https://access.redhat.com/errata/RHSA-2024:6028
reference_id RHSA-2024:6028
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6028
17
reference_url https://access.redhat.com/errata/RHSA-2024:6610
reference_id RHSA-2024:6610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6610
18
reference_url https://access.redhat.com/errata/RHSA-2024:7701
reference_id RHSA-2024:7701
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7701
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
reference_id S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
20
reference_url https://usn.ubuntu.com/6793-1/
reference_id USN-6793-1
reference_type
scores
url https://usn.ubuntu.com/6793-1/
21
reference_url https://usn.ubuntu.com/7023-1/
reference_id USN-7023-1
reference_type
scores
url https://usn.ubuntu.com/7023-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2024-32004
risk_score 3.7
exploitability 0.5
weighted_severity 7.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rq4n-gfwv-uqbb
29
url VCID-skd8-z2m9-5yb4
vulnerability_id VCID-skd8-z2m9-5yb4
summary 
A vulnerability has been found in Git that could allow a remote
    attacker to execute arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21300.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21300.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-21300
reference_id
reference_type
scores
0
value 0.61881
scoring_system epss
scoring_elements 0.98326
published_at 2026-04-01T12:55:00Z
1
value 0.61881
scoring_system epss
scoring_elements 0.98333
published_at 2026-04-07T12:55:00Z
2
value 0.61881
scoring_system epss
scoring_elements 0.98341
published_at 2026-04-11T12:55:00Z
3
value 0.61881
scoring_system epss
scoring_elements 0.98342
published_at 2026-04-13T12:55:00Z
4
value 0.61881
scoring_system epss
scoring_elements 0.98346
published_at 2026-04-16T12:55:00Z
5
value 0.61881
scoring_system epss
scoring_elements 0.98328
published_at 2026-04-02T12:55:00Z
6
value 0.61881
scoring_system epss
scoring_elements 0.9833
published_at 2026-04-04T12:55:00Z
7
value 0.61881
scoring_system epss
scoring_elements 0.98338
published_at 2026-04-09T12:55:00Z
8
value 0.64457
scoring_system epss
scoring_elements 0.98456
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-21300
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1935158
reference_id 1935158
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1935158
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985120
reference_id 985120
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985120
6
reference_url https://security.archlinux.org/ASA-202103-3
reference_id ASA-202103-3
reference_type
scores
url https://security.archlinux.org/ASA-202103-3
7
reference_url https://security.archlinux.org/AVG-1665
reference_id AVG-1665
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1665
8
reference_url https://security.gentoo.org/glsa/202104-01
reference_id GLSA-202104-01
reference_type
scores
url https://security.gentoo.org/glsa/202104-01
9
reference_url https://usn.ubuntu.com/4761-1/
reference_id USN-4761-1
reference_type
scores
url https://usn.ubuntu.com/4761-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2021-21300
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-skd8-z2m9-5yb4
30
url VCID-smnt-catx-23e8
vulnerability_id VCID-smnt-catx-23e8
summary 
Multiple vulnerabilities have been found in Git which might all
    allow attackers to access sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11008.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11008.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11008
reference_id
reference_type
scores
0
value 0.02219
scoring_system epss
scoring_elements 0.84417
published_at 2026-04-01T12:55:00Z
1
value 0.02219
scoring_system epss
scoring_elements 0.84509
published_at 2026-04-18T12:55:00Z
2
value 0.02219
scoring_system epss
scoring_elements 0.84492
published_at 2026-04-12T12:55:00Z
3
value 0.02219
scoring_system epss
scoring_elements 0.84488
published_at 2026-04-13T12:55:00Z
4
value 0.02219
scoring_system epss
scoring_elements 0.84432
published_at 2026-04-02T12:55:00Z
5
value 0.02219
scoring_system epss
scoring_elements 0.84451
published_at 2026-04-04T12:55:00Z
6
value 0.02219
scoring_system epss
scoring_elements 0.84453
published_at 2026-04-07T12:55:00Z
7
value 0.02219
scoring_system epss
scoring_elements 0.84474
published_at 2026-04-08T12:55:00Z
8
value 0.02219
scoring_system epss
scoring_elements 0.8448
published_at 2026-04-09T12:55:00Z
9
value 0.02219
scoring_system epss
scoring_elements 0.84498
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11008
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1826001
reference_id 1826001
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1826001
5
reference_url https://security.archlinux.org/ASA-202004-21
reference_id ASA-202004-21
reference_type
scores
url https://security.archlinux.org/ASA-202004-21
6
reference_url https://security.archlinux.org/AVG-1138
reference_id AVG-1138
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1138
7
reference_url https://security.gentoo.org/glsa/202004-13
reference_id GLSA-202004-13
reference_type
scores
url https://security.gentoo.org/glsa/202004-13
8
reference_url https://access.redhat.com/errata/RHSA-2020:1975
reference_id RHSA-2020:1975
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1975
9
reference_url https://access.redhat.com/errata/RHSA-2020:1978
reference_id RHSA-2020:1978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1978
10
reference_url https://access.redhat.com/errata/RHSA-2020:1979
reference_id RHSA-2020:1979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1979
11
reference_url https://access.redhat.com/errata/RHSA-2020:1980
reference_id RHSA-2020:1980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1980
12
reference_url https://access.redhat.com/errata/RHSA-2020:2337
reference_id RHSA-2020:2337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2337
13
reference_url https://access.redhat.com/errata/RHSA-2020:3581
reference_id RHSA-2020:3581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3581
14
reference_url https://usn.ubuntu.com/4334-1/
reference_id USN-4334-1
reference_type
scores
url https://usn.ubuntu.com/4334-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
1
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2020-11008
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-smnt-catx-23e8
31
url VCID-u6dy-wczq-pbgr
vulnerability_id VCID-u6dy-wczq-pbgr
summary 
Git contains multiple vulnerabilities that allow for the remote
    execution of arbitrary code.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11233.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11233.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11233
reference_id
reference_type
scores
0
value 0.00295
scoring_system epss
scoring_elements 0.52744
published_at 2026-04-01T12:55:00Z
1
value 0.00295
scoring_system epss
scoring_elements 0.52869
published_at 2026-04-18T12:55:00Z
2
value 0.00295
scoring_system epss
scoring_elements 0.52841
published_at 2026-04-12T12:55:00Z
3
value 0.00295
scoring_system epss
scoring_elements 0.52825
published_at 2026-04-13T12:55:00Z
4
value 0.00295
scoring_system epss
scoring_elements 0.52862
published_at 2026-04-16T12:55:00Z
5
value 0.00295
scoring_system epss
scoring_elements 0.52768
published_at 2026-04-02T12:55:00Z
6
value 0.00295
scoring_system epss
scoring_elements 0.52794
published_at 2026-04-04T12:55:00Z
7
value 0.00295
scoring_system epss
scoring_elements 0.52762
published_at 2026-04-07T12:55:00Z
8
value 0.00295
scoring_system epss
scoring_elements 0.52813
published_at 2026-04-08T12:55:00Z
9
value 0.00295
scoring_system epss
scoring_elements 0.52806
published_at 2026-04-09T12:55:00Z
10
value 0.00295
scoring_system epss
scoring_elements 0.52857
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11233
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11233
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11233
4
reference_url https://marc.info/?l=git&m=152761328506724&w=2
reference_id
reference_type
scores
url https://marc.info/?l=git&m=152761328506724&w=2
5
reference_url http://www.securityfocus.com/bid/104346
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104346
6
reference_url http://www.securitytracker.com/id/1040991
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040991
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1583888
reference_id 1583888
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1583888
8
reference_url https://security.archlinux.org/ASA-201806-1
reference_id ASA-201806-1
reference_type
scores
url https://security.archlinux.org/ASA-201806-1
9
reference_url https://security.archlinux.org/AVG-711
reference_id AVG-711
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-711
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11233
reference_id CVE-2018-11233
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-11233
17
reference_url https://security.gentoo.org/glsa/201805-13
reference_id GLSA-201805-13
reference_type
scores
url https://security.gentoo.org/glsa/201805-13
18
reference_url https://access.redhat.com/errata/RHSA-2018:2147
reference_id RHSA-2018:2147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2147
19
reference_url https://usn.ubuntu.com/3671-1/
reference_id USN-3671-1
reference_type
scores
url https://usn.ubuntu.com/3671-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2018-11233
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u6dy-wczq-pbgr
32
url VCID-uea5-m2b8-3kc4
vulnerability_id VCID-uea5-m2b8-3kc4
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1349.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1349.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1349
reference_id
reference_type
scores
0
value 0.28407
scoring_system epss
scoring_elements 0.96487
published_at 2026-04-01T12:55:00Z
1
value 0.28407
scoring_system epss
scoring_elements 0.96533
published_at 2026-04-18T12:55:00Z
2
value 0.28407
scoring_system epss
scoring_elements 0.96521
published_at 2026-04-13T12:55:00Z
3
value 0.28407
scoring_system epss
scoring_elements 0.96527
published_at 2026-04-16T12:55:00Z
4
value 0.28407
scoring_system epss
scoring_elements 0.96495
published_at 2026-04-02T12:55:00Z
5
value 0.28407
scoring_system epss
scoring_elements 0.965
published_at 2026-04-04T12:55:00Z
6
value 0.28407
scoring_system epss
scoring_elements 0.96504
published_at 2026-04-07T12:55:00Z
7
value 0.28407
scoring_system epss
scoring_elements 0.96512
published_at 2026-04-08T12:55:00Z
8
value 0.28407
scoring_system epss
scoring_elements 0.96514
published_at 2026-04-09T12:55:00Z
9
value 0.28407
scoring_system epss
scoring_elements 0.96518
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1349
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781143
reference_id 1781143
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781143
8
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
9
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
10
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
11
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
12
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
13
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4356
14
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0002
15
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0228
16
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
1
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1349
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uea5-m2b8-3kc4
33
url VCID-usx6-t5ns-t3bb
vulnerability_id VCID-usx6-t5ns-t3bb
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25815.json
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25815.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-25815
reference_id
reference_type
scores
0
value 0.00099
scoring_system epss
scoring_elements 0.27675
published_at 2026-04-02T12:55:00Z
1
value 0.00099
scoring_system epss
scoring_elements 0.27713
published_at 2026-04-04T12:55:00Z
2
value 0.00099
scoring_system epss
scoring_elements 0.27503
published_at 2026-04-07T12:55:00Z
3
value 0.00099
scoring_system epss
scoring_elements 0.27571
published_at 2026-04-08T12:55:00Z
4
value 0.00099
scoring_system epss
scoring_elements 0.27614
published_at 2026-04-09T12:55:00Z
5
value 0.00099
scoring_system epss
scoring_elements 0.27619
published_at 2026-04-11T12:55:00Z
6
value 0.00099
scoring_system epss
scoring_elements 0.27574
published_at 2026-04-12T12:55:00Z
7
value 0.00099
scoring_system epss
scoring_elements 0.27518
published_at 2026-04-13T12:55:00Z
8
value 0.00099
scoring_system epss
scoring_elements 0.27525
published_at 2026-04-16T12:55:00Z
9
value 0.00099
scoring_system epss
scoring_elements 0.27498
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-25815
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25815
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25815
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
reference_id 1034835
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2188337
reference_id 2188337
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2188337
6
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
url https://security.gentoo.org/glsa/202312-15
7
reference_url https://access.redhat.com/errata/RHSA-2023:3192
reference_id RHSA-2023:3192
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3192
8
reference_url https://access.redhat.com/errata/RHSA-2023:3243
reference_id RHSA-2023:3243
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3243
9
reference_url https://access.redhat.com/errata/RHSA-2023:3245
reference_id RHSA-2023:3245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3245
10
reference_url https://access.redhat.com/errata/RHSA-2023:3246
reference_id RHSA-2023:3246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3246
11
reference_url https://access.redhat.com/errata/RHSA-2023:3247
reference_id RHSA-2023:3247
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3247
12
reference_url https://access.redhat.com/errata/RHSA-2023:3248
reference_id RHSA-2023:3248
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3248
13
reference_url https://access.redhat.com/errata/RHSA-2023:3280
reference_id RHSA-2023:3280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3280
14
reference_url https://access.redhat.com/errata/RHSA-2023:3382
reference_id RHSA-2023:3382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3382
15
reference_url https://usn.ubuntu.com/6050-1/
reference_id USN-6050-1
reference_type
scores
url https://usn.ubuntu.com/6050-1/
16
reference_url https://usn.ubuntu.com/7023-1/
reference_id USN-7023-1
reference_type
scores
url https://usn.ubuntu.com/7023-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2023-25815
risk_score 1.0
exploitability 0.5
weighted_severity 2.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-usx6-t5ns-t3bb
34
url VCID-uszr-cr35-r7gr
vulnerability_id VCID-uszr-cr35-r7gr
summary git: Recursive clones RCE
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32002.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32002.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-32002
reference_id
reference_type
scores
0
value 0.80377
scoring_system epss
scoring_elements 0.99126
published_at 2026-04-18T12:55:00Z
1
value 0.80377
scoring_system epss
scoring_elements 0.99115
published_at 2026-04-02T12:55:00Z
2
value 0.80377
scoring_system epss
scoring_elements 0.99118
published_at 2026-04-04T12:55:00Z
3
value 0.80377
scoring_system epss
scoring_elements 0.99121
published_at 2026-04-07T12:55:00Z
4
value 0.80377
scoring_system epss
scoring_elements 0.99122
published_at 2026-04-09T12:55:00Z
5
value 0.80377
scoring_system epss
scoring_elements 0.99123
published_at 2026-04-13T12:55:00Z
6
value 0.80377
scoring_system epss
scoring_elements 0.99125
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-32002
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32002
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32002
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id 1071160
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
5
reference_url http://www.openwall.com/lists/oss-security/2024/05/14/2
reference_id 2
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/
url http://www.openwall.com/lists/oss-security/2024/05/14/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2280421
reference_id 2280421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2280421
7
reference_url https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d
reference_id 97065761333fd62db1912d81b489db938d8c991d
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/
url https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d
8
reference_url https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv
reference_id GHSA-8h77-4q3w-gfgv
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/
url https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv
9
reference_url https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt
reference_id git-clone.txt---recurse-submodulesltpathspecgt
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/
url https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt
10
reference_url https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks
reference_id git-config.txt-coresymlinks
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/
url https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks
11
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
12
reference_url https://access.redhat.com/errata/RHSA-2024:4083
reference_id RHSA-2024:4083
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4083
13
reference_url https://access.redhat.com/errata/RHSA-2024:4084
reference_id RHSA-2024:4084
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4084
14
reference_url https://access.redhat.com/errata/RHSA-2024:4368
reference_id RHSA-2024:4368
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4368
15
reference_url https://access.redhat.com/errata/RHSA-2024:4579
reference_id RHSA-2024:4579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:4579
16
reference_url https://access.redhat.com/errata/RHSA-2024:6027
reference_id RHSA-2024:6027
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6027
17
reference_url https://access.redhat.com/errata/RHSA-2024:6028
reference_id RHSA-2024:6028
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6028
18
reference_url https://access.redhat.com/errata/RHSA-2024:6610
reference_id RHSA-2024:6610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:6610
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
reference_id S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/
20
reference_url https://usn.ubuntu.com/6793-1/
reference_id USN-6793-1
reference_type
scores
url https://usn.ubuntu.com/6793-1/
21
reference_url https://usn.ubuntu.com/6793-2/
reference_id USN-6793-2
reference_type
scores
url https://usn.ubuntu.com/6793-2/
22
reference_url https://usn.ubuntu.com/7023-1/
reference_id USN-7023-1
reference_type
scores
url https://usn.ubuntu.com/7023-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2024-32002
risk_score 10.0
exploitability 2.0
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uszr-cr35-r7gr
35
url VCID-v84q-w7ye-c7d3
vulnerability_id VCID-v84q-w7ye-c7d3
summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22490.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22490.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-22490
reference_id
reference_type
scores
0
value 0.00176
scoring_system epss
scoring_elements 0.39139
published_at 2026-04-18T12:55:00Z
1
value 0.00176
scoring_system epss
scoring_elements 0.39159
published_at 2026-04-09T12:55:00Z
2
value 0.00176
scoring_system epss
scoring_elements 0.39171
published_at 2026-04-11T12:55:00Z
3
value 0.00176
scoring_system epss
scoring_elements 0.39134
published_at 2026-04-12T12:55:00Z
4
value 0.00176
scoring_system epss
scoring_elements 0.39115
published_at 2026-04-13T12:55:00Z
5
value 0.00176
scoring_system epss
scoring_elements 0.39169
published_at 2026-04-16T12:55:00Z
6
value 0.0029
scoring_system epss
scoring_elements 0.52391
published_at 2026-04-02T12:55:00Z
7
value 0.0029
scoring_system epss
scoring_elements 0.52419
published_at 2026-04-04T12:55:00Z
8
value 0.0029
scoring_system epss
scoring_elements 0.52384
published_at 2026-04-07T12:55:00Z
9
value 0.0029
scoring_system epss
scoring_elements 0.52437
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-22490
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310
reference_id 1031310
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2168160
reference_id 2168160
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2168160
7
reference_url https://security.gentoo.org/glsa/202312-15
reference_id GLSA-202312-15
reference_type
scores
url https://security.gentoo.org/glsa/202312-15
8
reference_url https://access.redhat.com/errata/RHSA-2023:3245
reference_id RHSA-2023:3245
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3245
9
reference_url https://access.redhat.com/errata/RHSA-2023:3246
reference_id RHSA-2023:3246
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3246
10
reference_url https://access.redhat.com/errata/RHSA-2024:0407
reference_id RHSA-2024:0407
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0407
11
reference_url https://usn.ubuntu.com/5871-1/
reference_id USN-5871-1
reference_type
scores
url https://usn.ubuntu.com/5871-1/
12
reference_url https://usn.ubuntu.com/5871-2/
reference_id USN-5871-2
reference_type
scores
url https://usn.ubuntu.com/5871-2/
fixed_packages
0
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2023-22490
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v84q-w7ye-c7d3
36
url VCID-wgzc-r8rd-t3dx
vulnerability_id VCID-wgzc-r8rd-t3dx
summary git: Newline confusion in credential helpers can lead to credential exfiltration in git
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52006.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52006.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-52006
reference_id
reference_type
scores
0
value 0.01025
scoring_system epss
scoring_elements 0.77311
published_at 2026-04-18T12:55:00Z
1
value 0.01025
scoring_system epss
scoring_elements 0.77216
published_at 2026-04-02T12:55:00Z
2
value 0.01025
scoring_system epss
scoring_elements 0.77245
published_at 2026-04-04T12:55:00Z
3
value 0.01025
scoring_system epss
scoring_elements 0.77227
published_at 2026-04-07T12:55:00Z
4
value 0.01025
scoring_system epss
scoring_elements 0.77259
published_at 2026-04-08T12:55:00Z
5
value 0.01025
scoring_system epss
scoring_elements 0.77267
published_at 2026-04-09T12:55:00Z
6
value 0.01025
scoring_system epss
scoring_elements 0.77295
published_at 2026-04-11T12:55:00Z
7
value 0.01025
scoring_system epss
scoring_elements 0.77274
published_at 2026-04-12T12:55:00Z
8
value 0.01025
scoring_system epss
scoring_elements 0.77272
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-52006
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042
reference_id 1093042
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2337956
reference_id 2337956
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2337956
6
reference_url https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060
reference_id b01b9b81d36759cdcd07305e78765199e1bc2060
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/
url https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060
7
reference_url https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q
reference_id GHSA-qm7j-c969-7j4q
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/
url https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q
8
reference_url https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp
reference_id GHSA-r5ph-xg7q-xfrp
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/
url https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp
9
reference_url https://access.redhat.com/errata/RHSA-2025:11462
reference_id RHSA-2025:11462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11462
10
reference_url https://access.redhat.com/errata/RHSA-2025:11533
reference_id RHSA-2025:11533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11533
11
reference_url https://access.redhat.com/errata/RHSA-2025:11534
reference_id RHSA-2025:11534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11534
12
reference_url https://usn.ubuntu.com/7207-1/
reference_id USN-7207-1
reference_type
scores
url https://usn.ubuntu.com/7207-1/
13
reference_url https://usn.ubuntu.com/7207-2/
reference_id USN-7207-2
reference_type
scores
url https://usn.ubuntu.com/7207-2/
14
reference_url https://usn.ubuntu.com/7964-1/
reference_id USN-7964-1
reference_type
scores
url https://usn.ubuntu.com/7964-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2024-52006
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wgzc-r8rd-t3dx
37
url VCID-x8he-nt8f-57fk
vulnerability_id VCID-x8he-nt8f-57fk
summary Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-27613
reference_id
reference_type
scores
0
value 0.00011
scoring_system epss
scoring_elements 0.0144
published_at 2026-04-02T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01442
published_at 2026-04-04T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.01959
published_at 2026-04-18T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.01995
published_at 2026-04-07T12:55:00Z
4
value 0.00013
scoring_system epss
scoring_elements 0.01997
published_at 2026-04-08T12:55:00Z
5
value 0.00013
scoring_system epss
scoring_elements 0.02013
published_at 2026-04-09T12:55:00Z
6
value 0.00013
scoring_system epss
scoring_elements 0.01998
published_at 2026-04-11T12:55:00Z
7
value 0.00013
scoring_system epss
scoring_elements 0.01982
published_at 2026-04-12T12:55:00Z
8
value 0.00013
scoring_system epss
scoring_elements 0.01977
published_at 2026-04-13T12:55:00Z
9
value 0.00013
scoring_system epss
scoring_elements 0.01957
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-27613
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
reference_id 1108983
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2379124
reference_id 2379124
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2379124
6
reference_url https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5
reference_id 465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/
url https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5
7
reference_url https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652
reference_id 7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/
url https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652
8
reference_url https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v
reference_id GHSA-f3cw-xrj3-wr2v
reference_type
scores
0
value 3.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/
url https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v
9
reference_url https://security.gentoo.org/glsa/202507-09
reference_id GLSA-202507-09
reference_type
scores
url https://security.gentoo.org/glsa/202507-09
10
reference_url https://access.redhat.com/errata/RHSA-2025:11462
reference_id RHSA-2025:11462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11462
11
reference_url https://access.redhat.com/errata/RHSA-2025:11533
reference_id RHSA-2025:11533
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11533
12
reference_url https://access.redhat.com/errata/RHSA-2025:11534
reference_id RHSA-2025:11534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11534
13
reference_url https://usn.ubuntu.com/7626-1/
reference_id USN-7626-1
reference_type
scores
url https://usn.ubuntu.com/7626-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2025-27613
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8he-nt8f-57fk
38
url VCID-y3uw-f72u-5qes
vulnerability_id VCID-y3uw-f72u-5qes
summary git: Mishandling layers of tree objects
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15298.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15298.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15298
reference_id
reference_type
scores
0
value 0.00446
scoring_system epss
scoring_elements 0.63381
published_at 2026-04-01T12:55:00Z
1
value 0.00446
scoring_system epss
scoring_elements 0.63512
published_at 2026-04-18T12:55:00Z
2
value 0.00446
scoring_system epss
scoring_elements 0.63519
published_at 2026-04-11T12:55:00Z
3
value 0.00446
scoring_system epss
scoring_elements 0.63503
published_at 2026-04-12T12:55:00Z
4
value 0.00446
scoring_system epss
scoring_elements 0.63469
published_at 2026-04-13T12:55:00Z
5
value 0.00446
scoring_system epss
scoring_elements 0.63504
published_at 2026-04-16T12:55:00Z
6
value 0.00446
scoring_system epss
scoring_elements 0.63441
published_at 2026-04-02T12:55:00Z
7
value 0.00446
scoring_system epss
scoring_elements 0.63468
published_at 2026-04-04T12:55:00Z
8
value 0.00446
scoring_system epss
scoring_elements 0.63433
published_at 2026-04-07T12:55:00Z
9
value 0.00446
scoring_system epss
scoring_elements 0.63484
published_at 2026-04-08T12:55:00Z
10
value 0.00446
scoring_system epss
scoring_elements 0.63502
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15298
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15298
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15298
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/Katee/git-bomb
reference_id
reference_type
scores
url https://github.com/Katee/git-bomb
6
reference_url https://kate.io/blog/git-bomb/
reference_id
reference_type
scores
url https://kate.io/blog/git-bomb/
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1510455
reference_id 1510455
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1510455
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-15298
reference_id CVE-2017-15298
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-15298
14
reference_url https://usn.ubuntu.com/3829-1/
reference_id USN-3829-1
reference_type
scores
url https://usn.ubuntu.com/3829-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2017-15298
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y3uw-f72u-5qes
39
url VCID-y5fa-ahxz-9kb1
vulnerability_id VCID-y5fa-ahxz-9kb1
summary 
Multiple vulnerabilities have been found in libgit2, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1348.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1348.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1348
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15413
published_at 2026-04-01T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.1524
published_at 2026-04-18T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15383
published_at 2026-04-12T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15317
published_at 2026-04-13T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15234
published_at 2026-04-16T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15453
published_at 2026-04-02T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15522
published_at 2026-04-04T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15322
published_at 2026-04-07T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.1541
published_at 2026-04-08T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.1546
published_at 2026-04-09T12:55:00Z
10
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1348
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781953
reference_id 1781953
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781953
9
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
10
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
11
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
12
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
13
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
14
reference_url https://security.gentoo.org/glsa/202003-42
reference_id GLSA-202003-42
reference_type
scores
url https://security.gentoo.org/glsa/202003-42
15
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4356
16
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0002
17
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0228
18
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
1
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1348
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y5fa-ahxz-9kb1
Fixing_vulnerabilities
0
url VCID-1p7p-zdcs-xugj
vulnerability_id VCID-1p7p-zdcs-xugj
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1353.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1353.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1353
reference_id
reference_type
scores
0
value 0.00187
scoring_system epss
scoring_elements 0.40472
published_at 2026-04-01T12:55:00Z
1
value 0.00187
scoring_system epss
scoring_elements 0.40552
published_at 2026-04-02T12:55:00Z
2
value 0.00187
scoring_system epss
scoring_elements 0.40579
published_at 2026-04-04T12:55:00Z
3
value 0.00187
scoring_system epss
scoring_elements 0.40501
published_at 2026-04-07T12:55:00Z
4
value 0.00187
scoring_system epss
scoring_elements 0.40551
published_at 2026-04-08T12:55:00Z
5
value 0.00187
scoring_system epss
scoring_elements 0.40562
published_at 2026-04-09T12:55:00Z
6
value 0.00187
scoring_system epss
scoring_elements 0.40582
published_at 2026-04-11T12:55:00Z
7
value 0.00187
scoring_system epss
scoring_elements 0.40545
published_at 2026-04-12T12:55:00Z
8
value 0.00187
scoring_system epss
scoring_elements 0.40526
published_at 2026-04-13T12:55:00Z
9
value 0.00187
scoring_system epss
scoring_elements 0.40574
published_at 2026-04-16T12:55:00Z
10
value 0.00187
scoring_system epss
scoring_elements 0.40543
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1353
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781966
reference_id 1781966
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781966
8
reference_url https://security.archlinux.org/AVG-1074
reference_id AVG-1074
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1074
9
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
10
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
2
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1353
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1p7p-zdcs-xugj
1
url VCID-3917-1uyb-jfe5
vulnerability_id VCID-3917-1uyb-jfe5
summary 
Git contains multiple vulnerabilities that allow for the remote
    execution of arbitrary code.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11235.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11235.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-11235
reference_id
reference_type
scores
0
value 0.4172
scoring_system epss
scoring_elements 0.97394
published_at 2026-04-01T12:55:00Z
1
value 0.4172
scoring_system epss
scoring_elements 0.97431
published_at 2026-04-18T12:55:00Z
2
value 0.4172
scoring_system epss
scoring_elements 0.97415
published_at 2026-04-09T12:55:00Z
3
value 0.4172
scoring_system epss
scoring_elements 0.97417
published_at 2026-04-11T12:55:00Z
4
value 0.4172
scoring_system epss
scoring_elements 0.97419
published_at 2026-04-13T12:55:00Z
5
value 0.4172
scoring_system epss
scoring_elements 0.97427
published_at 2026-04-16T12:55:00Z
6
value 0.4172
scoring_system epss
scoring_elements 0.974
published_at 2026-04-02T12:55:00Z
7
value 0.4172
scoring_system epss
scoring_elements 0.97405
published_at 2026-04-04T12:55:00Z
8
value 0.4172
scoring_system epss
scoring_elements 0.97407
published_at 2026-04-07T12:55:00Z
9
value 0.4172
scoring_system epss
scoring_elements 0.97414
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-11235
3
reference_url https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/
reference_id
reference_type
scores
url https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://marc.info/?l=git&m=152761328506724&w=2
reference_id
reference_type
scores
url https://marc.info/?l=git&m=152761328506724&w=2
7
reference_url https://www.debian.org/security/2018/dsa-4212
reference_id
reference_type
scores
url https://www.debian.org/security/2018/dsa-4212
8
reference_url https://www.exploit-db.com/exploits/44822/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44822/
9
reference_url http://www.securityfocus.com/bid/104345
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/104345
10
reference_url http://www.securitytracker.com/id/1040991
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1040991
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1583862
reference_id 1583862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1583862
12
reference_url https://security.archlinux.org/ASA-201806-1
reference_id ASA-201806-1
reference_type
scores
url https://security.archlinux.org/ASA-201806-1
13
reference_url https://security.archlinux.org/AVG-711
reference_id AVG-711
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-711
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-11235
reference_id CVE-2018-11235
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2018-11235
29
reference_url https://security.gentoo.org/glsa/201805-13
reference_id GLSA-201805-13
reference_type
scores
url https://security.gentoo.org/glsa/201805-13
30
reference_url https://access.redhat.com/errata/RHSA-2018:1957
reference_id RHSA-2018:1957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:1957
31
reference_url https://access.redhat.com/errata/RHSA-2018:2147
reference_id RHSA-2018:2147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:2147
32
reference_url https://usn.ubuntu.com/3671-1/
reference_id USN-3671-1
reference_type
scores
url https://usn.ubuntu.com/3671-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
purl pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-chdb-9uwu-67f8
19
vulnerability VCID-e33d-r9kx-aucw
20
vulnerability VCID-fmwm-yd3f-muh3
21
vulnerability VCID-frhz-f158-v7be
22
vulnerability VCID-h5v9-82w6-bkcq
23
vulnerability VCID-h8as-wpes-q7eq
24
vulnerability VCID-hr22-p62n-hqd9
25
vulnerability VCID-m5ss-32kw-tyf7
26
vulnerability VCID-m64b-xncz-6khh
27
vulnerability VCID-mhs7-a1hp-dqa3
28
vulnerability VCID-mzyt-2sh3-wydh
29
vulnerability VCID-r377-hfyz-pkgz
30
vulnerability VCID-rq4n-gfwv-uqbb
31
vulnerability VCID-skd8-z2m9-5yb4
32
vulnerability VCID-smnt-catx-23e8
33
vulnerability VCID-u6dy-wczq-pbgr
34
vulnerability VCID-uea5-m2b8-3kc4
35
vulnerability VCID-usx6-t5ns-t3bb
36
vulnerability VCID-uszr-cr35-r7gr
37
vulnerability VCID-uysk-79k5-ayhz
38
vulnerability VCID-v84q-w7ye-c7d3
39
vulnerability VCID-vjnp-dnar-p7gy
40
vulnerability VCID-wgzc-r8rd-t3dx
41
vulnerability VCID-x8he-nt8f-57fk
42
vulnerability VCID-y3uw-f72u-5qes
43
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.1.4-2.1%252Bdeb8u6
1
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
2
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2018-11235
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3917-1uyb-jfe5
2
url VCID-6wfy-67je-97h1
vulnerability_id VCID-6wfy-67je-97h1
summary 
A command injection vulnerability in Git may allow remote attackers
    to execute arbitrary code.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:2675
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2675
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000117.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000117.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000117
reference_id
reference_type
scores
0
value 0.76431
scoring_system epss
scoring_elements 0.98924
published_at 2026-04-01T12:55:00Z
1
value 0.76431
scoring_system epss
scoring_elements 0.98939
published_at 2026-04-18T12:55:00Z
2
value 0.76431
scoring_system epss
scoring_elements 0.9893
published_at 2026-04-07T12:55:00Z
3
value 0.76431
scoring_system epss
scoring_elements 0.98932
published_at 2026-04-09T12:55:00Z
4
value 0.76431
scoring_system epss
scoring_elements 0.98934
published_at 2026-04-11T12:55:00Z
5
value 0.76431
scoring_system epss
scoring_elements 0.98935
published_at 2026-04-13T12:55:00Z
6
value 0.76431
scoring_system epss
scoring_elements 0.98937
published_at 2026-04-16T12:55:00Z
7
value 0.76431
scoring_system epss
scoring_elements 0.98925
published_at 2026-04-02T12:55:00Z
8
value 0.76431
scoring_system epss
scoring_elements 0.98928
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000117
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:P/A:P
1
value 8.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://support.apple.com/HT208103
reference_id
reference_type
scores
url https://support.apple.com/HT208103
6
reference_url https://www.exploit-db.com/exploits/42599/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42599/
7
reference_url https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1466490.html
reference_id
reference_type
scores
url https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1466490.html
8
reference_url http://www.debian.org/security/2017/dsa-3934
reference_id
reference_type
scores
url http://www.debian.org/security/2017/dsa-3934
9
reference_url http://www.securityfocus.com/bid/100283
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100283
10
reference_url http://www.securitytracker.com/id/1039131
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039131
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1480386
reference_id 1480386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1480386
12
reference_url https://security.archlinux.org/ASA-201708-6
reference_id ASA-201708-6
reference_type
scores
url https://security.archlinux.org/ASA-201708-6
13
reference_url https://security.archlinux.org/AVG-377
reference_id AVG-377
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-377
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*
39
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*
61
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*
62
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*
63
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*
64
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*
65
reference_url https://github.com/rapid7/metasploit-framework/blob/202c936868328a4fe665c9d2ea82b8f8a2610b6e/modules/exploits/multi/http/git_submodule_command_exec.rb
reference_id CVE-2017-1000117
reference_type exploit
scores
url https://github.com/rapid7/metasploit-framework/blob/202c936868328a4fe665c9d2ea82b8f8a2610b6e/modules/exploits/multi/http/git_submodule_command_exec.rb
66
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/remote/42599.rb
reference_id CVE-2017-1000117
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/remote/42599.rb
67
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000117
reference_id CVE-2017-1000117
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000117
68
reference_url https://security.gentoo.org/glsa/201709-10
reference_id GLSA-201709-10
reference_type
scores
url https://security.gentoo.org/glsa/201709-10
69
reference_url https://access.redhat.com/errata/RHSA-2017:2484
reference_id RHSA-2017:2484
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2484
70
reference_url https://access.redhat.com/errata/RHSA-2017:2485
reference_id RHSA-2017:2485
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2485
71
reference_url https://access.redhat.com/errata/RHSA-2017:2491
reference_id RHSA-2017:2491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2491
72
reference_url https://access.redhat.com/errata/RHSA-2017:2674
reference_id RHSA-2017:2674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2674
73
reference_url https://usn.ubuntu.com/3387-1/
reference_id USN-3387-1
reference_type
scores
url https://usn.ubuntu.com/3387-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
purl pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-chdb-9uwu-67f8
19
vulnerability VCID-e33d-r9kx-aucw
20
vulnerability VCID-fmwm-yd3f-muh3
21
vulnerability VCID-frhz-f158-v7be
22
vulnerability VCID-h5v9-82w6-bkcq
23
vulnerability VCID-h8as-wpes-q7eq
24
vulnerability VCID-hr22-p62n-hqd9
25
vulnerability VCID-m5ss-32kw-tyf7
26
vulnerability VCID-m64b-xncz-6khh
27
vulnerability VCID-mhs7-a1hp-dqa3
28
vulnerability VCID-mzyt-2sh3-wydh
29
vulnerability VCID-r377-hfyz-pkgz
30
vulnerability VCID-rq4n-gfwv-uqbb
31
vulnerability VCID-skd8-z2m9-5yb4
32
vulnerability VCID-smnt-catx-23e8
33
vulnerability VCID-u6dy-wczq-pbgr
34
vulnerability VCID-uea5-m2b8-3kc4
35
vulnerability VCID-usx6-t5ns-t3bb
36
vulnerability VCID-uszr-cr35-r7gr
37
vulnerability VCID-uysk-79k5-ayhz
38
vulnerability VCID-v84q-w7ye-c7d3
39
vulnerability VCID-vjnp-dnar-p7gy
40
vulnerability VCID-wgzc-r8rd-t3dx
41
vulnerability VCID-x8he-nt8f-57fk
42
vulnerability VCID-y3uw-f72u-5qes
43
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.1.4-2.1%252Bdeb8u6
1
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
2
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2017-1000117
risk_score 10.0
exploitability 2.0
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6wfy-67je-97h1
3
url VCID-7s2v-tjh1-pfb9
vulnerability_id VCID-7s2v-tjh1-pfb9
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17456.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17456.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-17456
reference_id
reference_type
scores
0
value 0.66226
scoring_system epss
scoring_elements 0.98512
published_at 2026-04-01T12:55:00Z
1
value 0.66226
scoring_system epss
scoring_elements 0.9853
published_at 2026-04-18T12:55:00Z
2
value 0.66226
scoring_system epss
scoring_elements 0.98523
published_at 2026-04-13T12:55:00Z
3
value 0.66226
scoring_system epss
scoring_elements 0.98529
published_at 2026-04-16T12:55:00Z
4
value 0.66226
scoring_system epss
scoring_elements 0.98514
published_at 2026-04-02T12:55:00Z
5
value 0.66226
scoring_system epss
scoring_elements 0.98516
published_at 2026-04-07T12:55:00Z
6
value 0.66226
scoring_system epss
scoring_elements 0.9852
published_at 2026-04-08T12:55:00Z
7
value 0.66226
scoring_system epss
scoring_elements 0.98521
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-17456
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1636619
reference_id 1636619
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1636619
5
reference_url https://security.archlinux.org/ASA-201810-7
reference_id ASA-201810-7
reference_type
scores
url https://security.archlinux.org/ASA-201810-7
6
reference_url https://security.archlinux.org/AVG-776
reference_id AVG-776
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-776
7
reference_url https://gist.github.com/joernchen/38dd6400199a542bc9660ea563dcf2b6
reference_id CVE-2018-17456
reference_type exploit
scores
url https://gist.github.com/joernchen/38dd6400199a542bc9660ea563dcf2b6
8
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45548.txt
reference_id CVE-2018-17456
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45548.txt
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45631.md
reference_id CVE-2018-17456
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45631.md
10
reference_url https://marc.info/?l=git&m=153875888916397&w=2
reference_id CVE-2018-17456
reference_type exploit
scores
url https://marc.info/?l=git&m=153875888916397&w=2
11
reference_url https://access.redhat.com/errata/RHSA-2018:3408
reference_id RHSA-2018:3408
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3408
12
reference_url https://access.redhat.com/errata/RHSA-2018:3541
reference_id RHSA-2018:3541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3541
13
reference_url https://access.redhat.com/errata/RHSA-2020:0316
reference_id RHSA-2020:0316
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0316
14
reference_url https://usn.ubuntu.com/3791-1/
reference_id USN-3791-1
reference_type
scores
url https://usn.ubuntu.com/3791-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2018-17456
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7s2v-tjh1-pfb9
4
url VCID-7wv5-e9br-nqbd
vulnerability_id VCID-7wv5-e9br-nqbd
summary 
Multiple vulnerabilities have been found in libgit2, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1387
reference_id
reference_type
scores
0
value 0.02175
scoring_system epss
scoring_elements 0.84335
published_at 2026-04-12T12:55:00Z
1
value 0.02175
scoring_system epss
scoring_elements 0.84342
published_at 2026-04-11T12:55:00Z
2
value 0.02175
scoring_system epss
scoring_elements 0.84354
published_at 2026-04-18T12:55:00Z
3
value 0.02175
scoring_system epss
scoring_elements 0.84324
published_at 2026-04-09T12:55:00Z
4
value 0.02175
scoring_system epss
scoring_elements 0.84353
published_at 2026-04-16T12:55:00Z
5
value 0.02175
scoring_system epss
scoring_elements 0.84331
published_at 2026-04-13T12:55:00Z
6
value 0.02358
scoring_system epss
scoring_elements 0.84877
published_at 2026-04-04T12:55:00Z
7
value 0.02358
scoring_system epss
scoring_elements 0.84858
published_at 2026-04-02T12:55:00Z
8
value 0.02358
scoring_system epss
scoring_elements 0.84878
published_at 2026-04-07T12:55:00Z
9
value 0.02358
scoring_system epss
scoring_elements 0.84843
published_at 2026-04-01T12:55:00Z
10
value 0.02358
scoring_system epss
scoring_elements 0.84901
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1387
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781127
reference_id 1781127
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781127
8
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
9
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
10
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
11
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
12
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://security.gentoo.org/glsa/202003-30
13
reference_url https://security.gentoo.org/glsa/202003-42
reference_id GLSA-202003-42
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://security.gentoo.org/glsa/202003-42
14
reference_url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
reference_id msg00018.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html
15
reference_url https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html
reference_id msg00019.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html
16
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/
reference_id N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/
18
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2019:4356
19
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2020:0002
20
reference_url https://access.redhat.com/errata/RHSA-2020:0124
reference_id RHSA-2020:0124
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2020:0124
21
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://access.redhat.com/errata/RHSA-2020:0228
22
reference_url https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u
reference_id #u
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u
23
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
24
reference_url https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/
reference_id xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/
url https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
2
url pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3
aliases CVE-2019-1387
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wv5-e9br-nqbd
5
url VCID-frhz-f158-v7be
vulnerability_id VCID-frhz-f158-v7be
summary 
Multiple vulnerabilities have been found in Git which might all
    allow attackers to access sensitive information.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
2
reference_url http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5260.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5260.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-5260
reference_id
reference_type
scores
0
value 0.32539
scoring_system epss
scoring_elements 0.9683
published_at 2026-04-01T12:55:00Z
1
value 0.32539
scoring_system epss
scoring_elements 0.96869
published_at 2026-04-18T12:55:00Z
2
value 0.32539
scoring_system epss
scoring_elements 0.96853
published_at 2026-04-09T12:55:00Z
3
value 0.32539
scoring_system epss
scoring_elements 0.96856
published_at 2026-04-11T12:55:00Z
4
value 0.32539
scoring_system epss
scoring_elements 0.96857
published_at 2026-04-12T12:55:00Z
5
value 0.32539
scoring_system epss
scoring_elements 0.96858
published_at 2026-04-13T12:55:00Z
6
value 0.32539
scoring_system epss
scoring_elements 0.96865
published_at 2026-04-16T12:55:00Z
7
value 0.32539
scoring_system epss
scoring_elements 0.96838
published_at 2026-04-02T12:55:00Z
8
value 0.32539
scoring_system epss
scoring_elements 0.96839
published_at 2026-04-04T12:55:00Z
9
value 0.32539
scoring_system epss
scoring_elements 0.96844
published_at 2026-04-07T12:55:00Z
10
value 0.32539
scoring_system epss
scoring_elements 0.96852
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-5260
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
reference_id
reference_type
scores
url https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b
8
reference_url https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/
10
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/
11
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/
14
reference_url https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/
reference_id
reference_type
scores
url https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/
15
reference_url https://support.apple.com/kb/HT211141
reference_id
reference_type
scores
url https://support.apple.com/kb/HT211141
16
reference_url https://www.debian.org/security/2020/dsa-4657
reference_id
reference_type
scores
url https://www.debian.org/security/2020/dsa-4657
17
reference_url http://www.openwall.com/lists/oss-security/2020/04/15/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/15/5
18
reference_url http://www.openwall.com/lists/oss-security/2020/04/15/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/15/6
19
reference_url http://www.openwall.com/lists/oss-security/2020/04/20/1
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2020/04/20/1
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1822020
reference_id 1822020
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1822020
21
reference_url https://security.archlinux.org/ASA-202004-13
reference_id ASA-202004-13
reference_type
scores
url https://security.archlinux.org/ASA-202004-13
22
reference_url https://security.archlinux.org/AVG-1133
reference_id AVG-1133
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1133
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:*:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-5260
reference_id CVE-2020-5260
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 9.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2020-5260
36
reference_url https://security.gentoo.org/glsa/202004-13
reference_id GLSA-202004-13
reference_type
scores
url https://security.gentoo.org/glsa/202004-13
37
reference_url https://access.redhat.com/errata/RHSA-2020:1503
reference_id RHSA-2020:1503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1503
38
reference_url https://access.redhat.com/errata/RHSA-2020:1511
reference_id RHSA-2020:1511
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1511
39
reference_url https://access.redhat.com/errata/RHSA-2020:1513
reference_id RHSA-2020:1513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1513
40
reference_url https://access.redhat.com/errata/RHSA-2020:1518
reference_id RHSA-2020:1518
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1518
41
reference_url https://access.redhat.com/errata/RHSA-2020:3581
reference_id RHSA-2020:3581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3581
42
reference_url https://usn.ubuntu.com/4329-1/
reference_id USN-4329-1
reference_type
scores
url https://usn.ubuntu.com/4329-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
2
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2020-5260
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-frhz-f158-v7be
6
url VCID-h5v9-82w6-bkcq
vulnerability_id VCID-h5v9-82w6-bkcq
summary 
A vulnerability in Git might allow remote attackers to bypass
    security restrictions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8386.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8386.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-8386
reference_id
reference_type
scores
0
value 0.7273
scoring_system epss
scoring_elements 0.98763
published_at 2026-04-01T12:55:00Z
1
value 0.7273
scoring_system epss
scoring_elements 0.98777
published_at 2026-04-18T12:55:00Z
2
value 0.7273
scoring_system epss
scoring_elements 0.98773
published_at 2026-04-13T12:55:00Z
3
value 0.7273
scoring_system epss
scoring_elements 0.98776
published_at 2026-04-16T12:55:00Z
4
value 0.7273
scoring_system epss
scoring_elements 0.98764
published_at 2026-04-02T12:55:00Z
5
value 0.7273
scoring_system epss
scoring_elements 0.98767
published_at 2026-04-04T12:55:00Z
6
value 0.7273
scoring_system epss
scoring_elements 0.98769
published_at 2026-04-09T12:55:00Z
7
value 0.7273
scoring_system epss
scoring_elements 0.9877
published_at 2026-04-08T12:55:00Z
8
value 0.7273
scoring_system epss
scoring_elements 0.98772
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-8386
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8386
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8386
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1450407
reference_id 1450407
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1450407
5
reference_url https://security.archlinux.org/ASA-201705-14
reference_id ASA-201705-14
reference_type
scores
url https://security.archlinux.org/ASA-201705-14
6
reference_url https://security.archlinux.org/AVG-267
reference_id AVG-267
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-267
7
reference_url https://security.gentoo.org/glsa/201706-04
reference_id GLSA-201706-04
reference_type
scores
url https://security.gentoo.org/glsa/201706-04
8
reference_url https://access.redhat.com/errata/RHSA-2017:2004
reference_id RHSA-2017:2004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2004
9
reference_url https://access.redhat.com/errata/RHSA-2017:2491
reference_id RHSA-2017:2491
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2491
10
reference_url https://usn.ubuntu.com/3287-1/
reference_id USN-3287-1
reference_type
scores
url https://usn.ubuntu.com/3287-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
purl pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-chdb-9uwu-67f8
19
vulnerability VCID-e33d-r9kx-aucw
20
vulnerability VCID-fmwm-yd3f-muh3
21
vulnerability VCID-frhz-f158-v7be
22
vulnerability VCID-h5v9-82w6-bkcq
23
vulnerability VCID-h8as-wpes-q7eq
24
vulnerability VCID-hr22-p62n-hqd9
25
vulnerability VCID-m5ss-32kw-tyf7
26
vulnerability VCID-m64b-xncz-6khh
27
vulnerability VCID-mhs7-a1hp-dqa3
28
vulnerability VCID-mzyt-2sh3-wydh
29
vulnerability VCID-r377-hfyz-pkgz
30
vulnerability VCID-rq4n-gfwv-uqbb
31
vulnerability VCID-skd8-z2m9-5yb4
32
vulnerability VCID-smnt-catx-23e8
33
vulnerability VCID-u6dy-wczq-pbgr
34
vulnerability VCID-uea5-m2b8-3kc4
35
vulnerability VCID-usx6-t5ns-t3bb
36
vulnerability VCID-uszr-cr35-r7gr
37
vulnerability VCID-uysk-79k5-ayhz
38
vulnerability VCID-v84q-w7ye-c7d3
39
vulnerability VCID-vjnp-dnar-p7gy
40
vulnerability VCID-wgzc-r8rd-t3dx
41
vulnerability VCID-x8he-nt8f-57fk
42
vulnerability VCID-y3uw-f72u-5qes
43
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.1.4-2.1%252Bdeb8u6
1
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
aliases CVE-2017-8386
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5v9-82w6-bkcq
7
url VCID-m64b-xncz-6khh
vulnerability_id VCID-m64b-xncz-6khh
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14867.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14867.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14867
reference_id
reference_type
scores
0
value 0.06534
scoring_system epss
scoring_elements 0.91147
published_at 2026-04-18T12:55:00Z
1
value 0.06968
scoring_system epss
scoring_elements 0.914
published_at 2026-04-01T12:55:00Z
2
value 0.06968
scoring_system epss
scoring_elements 0.91447
published_at 2026-04-11T12:55:00Z
3
value 0.06968
scoring_system epss
scoring_elements 0.9145
published_at 2026-04-12T12:55:00Z
4
value 0.06968
scoring_system epss
scoring_elements 0.91449
published_at 2026-04-13T12:55:00Z
5
value 0.06968
scoring_system epss
scoring_elements 0.91473
published_at 2026-04-16T12:55:00Z
6
value 0.06968
scoring_system epss
scoring_elements 0.91406
published_at 2026-04-02T12:55:00Z
7
value 0.06968
scoring_system epss
scoring_elements 0.91415
published_at 2026-04-04T12:55:00Z
8
value 0.06968
scoring_system epss
scoring_elements 0.91423
published_at 2026-04-07T12:55:00Z
9
value 0.06968
scoring_system epss
scoring_elements 0.91435
published_at 2026-04-08T12:55:00Z
10
value 0.06968
scoring_system epss
scoring_elements 0.91441
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14867
2
reference_url https://bugs.debian.org/876854
reference_id
reference_type
scores
url https://bugs.debian.org/876854
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14867
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.2
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:C/I:C/A:C
1
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://lists.debian.org/debian-security-announce/2017/msg00246.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-security-announce/2017/msg00246.html
6
reference_url https://public-inbox.org/git/xmqqy3p29ekj.fsf%40gitster.mtv.corp.google.com/T/#u
reference_id
reference_type
scores
url https://public-inbox.org/git/xmqqy3p29ekj.fsf%40gitster.mtv.corp.google.com/T/#u
7
reference_url https://www.debian.org/security/2017/dsa-3984
reference_id
reference_type
scores
url https://www.debian.org/security/2017/dsa-3984
8
reference_url http://www.openwall.com/lists/oss-security/2017/09/26/9
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2017/09/26/9
9
reference_url http://www.securityfocus.com/bid/101060
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/101060
10
reference_url http://www.securitytracker.com/id/1039431
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1039431
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1496344
reference_id 1496344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1496344
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876854
reference_id 876854
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876854
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-14867
reference_id CVE-2017-14867
reference_type
scores
0
value 9.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-14867
34
reference_url https://usn.ubuntu.com/3438-1/
reference_id USN-3438-1
reference_type
scores
url https://usn.ubuntu.com/3438-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
purl pkg:deb/debian/git@1:2.1.4-2.1%2Bdeb8u6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-chdb-9uwu-67f8
19
vulnerability VCID-e33d-r9kx-aucw
20
vulnerability VCID-fmwm-yd3f-muh3
21
vulnerability VCID-frhz-f158-v7be
22
vulnerability VCID-h5v9-82w6-bkcq
23
vulnerability VCID-h8as-wpes-q7eq
24
vulnerability VCID-hr22-p62n-hqd9
25
vulnerability VCID-m5ss-32kw-tyf7
26
vulnerability VCID-m64b-xncz-6khh
27
vulnerability VCID-mhs7-a1hp-dqa3
28
vulnerability VCID-mzyt-2sh3-wydh
29
vulnerability VCID-r377-hfyz-pkgz
30
vulnerability VCID-rq4n-gfwv-uqbb
31
vulnerability VCID-skd8-z2m9-5yb4
32
vulnerability VCID-smnt-catx-23e8
33
vulnerability VCID-u6dy-wczq-pbgr
34
vulnerability VCID-uea5-m2b8-3kc4
35
vulnerability VCID-usx6-t5ns-t3bb
36
vulnerability VCID-uszr-cr35-r7gr
37
vulnerability VCID-uysk-79k5-ayhz
38
vulnerability VCID-v84q-w7ye-c7d3
39
vulnerability VCID-vjnp-dnar-p7gy
40
vulnerability VCID-wgzc-r8rd-t3dx
41
vulnerability VCID-x8he-nt8f-57fk
42
vulnerability VCID-y3uw-f72u-5qes
43
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.1.4-2.1%252Bdeb8u6
1
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
2
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
aliases CVE-2017-14867
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m64b-xncz-6khh
8
url VCID-mzyt-2sh3-wydh
vulnerability_id VCID-mzyt-2sh3-wydh
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1352.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1352.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1352
reference_id
reference_type
scores
0
value 0.11038
scoring_system epss
scoring_elements 0.9346
published_at 2026-04-18T12:55:00Z
1
value 0.11038
scoring_system epss
scoring_elements 0.93429
published_at 2026-04-09T12:55:00Z
2
value 0.11038
scoring_system epss
scoring_elements 0.93434
published_at 2026-04-11T12:55:00Z
3
value 0.11038
scoring_system epss
scoring_elements 0.93435
published_at 2026-04-12T12:55:00Z
4
value 0.11038
scoring_system epss
scoring_elements 0.93436
published_at 2026-04-13T12:55:00Z
5
value 0.11038
scoring_system epss
scoring_elements 0.93455
published_at 2026-04-16T12:55:00Z
6
value 0.11847
scoring_system epss
scoring_elements 0.93707
published_at 2026-04-04T12:55:00Z
7
value 0.11847
scoring_system epss
scoring_elements 0.93687
published_at 2026-04-01T12:55:00Z
8
value 0.11847
scoring_system epss
scoring_elements 0.9371
published_at 2026-04-07T12:55:00Z
9
value 0.11847
scoring_system epss
scoring_elements 0.93719
published_at 2026-04-08T12:55:00Z
10
value 0.11847
scoring_system epss
scoring_elements 0.93697
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1352
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781963
reference_id 1781963
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781963
8
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
9
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
10
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
11
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
12
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
13
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4356
14
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0002
15
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0228
16
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
2
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1352
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzyt-2sh3-wydh
9
url VCID-smnt-catx-23e8
vulnerability_id VCID-smnt-catx-23e8
summary 
Multiple vulnerabilities have been found in Git which might all
    allow attackers to access sensitive information.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11008.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11008.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11008
reference_id
reference_type
scores
0
value 0.02219
scoring_system epss
scoring_elements 0.84417
published_at 2026-04-01T12:55:00Z
1
value 0.02219
scoring_system epss
scoring_elements 0.84509
published_at 2026-04-18T12:55:00Z
2
value 0.02219
scoring_system epss
scoring_elements 0.84492
published_at 2026-04-12T12:55:00Z
3
value 0.02219
scoring_system epss
scoring_elements 0.84488
published_at 2026-04-13T12:55:00Z
4
value 0.02219
scoring_system epss
scoring_elements 0.84432
published_at 2026-04-02T12:55:00Z
5
value 0.02219
scoring_system epss
scoring_elements 0.84451
published_at 2026-04-04T12:55:00Z
6
value 0.02219
scoring_system epss
scoring_elements 0.84453
published_at 2026-04-07T12:55:00Z
7
value 0.02219
scoring_system epss
scoring_elements 0.84474
published_at 2026-04-08T12:55:00Z
8
value 0.02219
scoring_system epss
scoring_elements 0.8448
published_at 2026-04-09T12:55:00Z
9
value 0.02219
scoring_system epss
scoring_elements 0.84498
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11008
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1826001
reference_id 1826001
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1826001
5
reference_url https://security.archlinux.org/ASA-202004-21
reference_id ASA-202004-21
reference_type
scores
url https://security.archlinux.org/ASA-202004-21
6
reference_url https://security.archlinux.org/AVG-1138
reference_id AVG-1138
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1138
7
reference_url https://security.gentoo.org/glsa/202004-13
reference_id GLSA-202004-13
reference_type
scores
url https://security.gentoo.org/glsa/202004-13
8
reference_url https://access.redhat.com/errata/RHSA-2020:1975
reference_id RHSA-2020:1975
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1975
9
reference_url https://access.redhat.com/errata/RHSA-2020:1978
reference_id RHSA-2020:1978
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1978
10
reference_url https://access.redhat.com/errata/RHSA-2020:1979
reference_id RHSA-2020:1979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1979
11
reference_url https://access.redhat.com/errata/RHSA-2020:1980
reference_id RHSA-2020:1980
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1980
12
reference_url https://access.redhat.com/errata/RHSA-2020:2337
reference_id RHSA-2020:2337
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2337
13
reference_url https://access.redhat.com/errata/RHSA-2020:3581
reference_id RHSA-2020:3581
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3581
14
reference_url https://usn.ubuntu.com/4334-1/
reference_id USN-4334-1
reference_type
scores
url https://usn.ubuntu.com/4334-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
2
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2020-11008
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-smnt-catx-23e8
10
url VCID-uea5-m2b8-3kc4
vulnerability_id VCID-uea5-m2b8-3kc4
summary 
Multiple vulnerabilities have been found in Git, the worst of which
    could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1349.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1349.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1349
reference_id
reference_type
scores
0
value 0.28407
scoring_system epss
scoring_elements 0.96487
published_at 2026-04-01T12:55:00Z
1
value 0.28407
scoring_system epss
scoring_elements 0.96533
published_at 2026-04-18T12:55:00Z
2
value 0.28407
scoring_system epss
scoring_elements 0.96521
published_at 2026-04-13T12:55:00Z
3
value 0.28407
scoring_system epss
scoring_elements 0.96527
published_at 2026-04-16T12:55:00Z
4
value 0.28407
scoring_system epss
scoring_elements 0.96495
published_at 2026-04-02T12:55:00Z
5
value 0.28407
scoring_system epss
scoring_elements 0.965
published_at 2026-04-04T12:55:00Z
6
value 0.28407
scoring_system epss
scoring_elements 0.96504
published_at 2026-04-07T12:55:00Z
7
value 0.28407
scoring_system epss
scoring_elements 0.96512
published_at 2026-04-08T12:55:00Z
8
value 0.28407
scoring_system epss
scoring_elements 0.96514
published_at 2026-04-09T12:55:00Z
9
value 0.28407
scoring_system epss
scoring_elements 0.96518
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1349
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781143
reference_id 1781143
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781143
8
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
9
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
10
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
11
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
12
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
13
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4356
14
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0002
15
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0228
16
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
2
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1349
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uea5-m2b8-3kc4
11
url VCID-y5fa-ahxz-9kb1
vulnerability_id VCID-y5fa-ahxz-9kb1
summary 
Multiple vulnerabilities have been found in libgit2, the worst of
    which could result in the arbitrary execution of code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1348.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1348.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1348
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15413
published_at 2026-04-01T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.1524
published_at 2026-04-18T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15383
published_at 2026-04-12T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15317
published_at 2026-04-13T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15234
published_at 2026-04-16T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15453
published_at 2026-04-02T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15522
published_at 2026-04-04T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15322
published_at 2026-04-07T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.1541
published_at 2026-04-08T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.1546
published_at 2026-04-09T12:55:00Z
10
value 0.0005
scoring_system epss
scoring_elements 0.15422
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1348
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1781953
reference_id 1781953
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1781953
9
reference_url https://security.archlinux.org/ASA-201912-5
reference_id ASA-201912-5
reference_type
scores
url https://security.archlinux.org/ASA-201912-5
10
reference_url https://security.archlinux.org/ASA-201912-6
reference_id ASA-201912-6
reference_type
scores
url https://security.archlinux.org/ASA-201912-6
11
reference_url https://security.archlinux.org/AVG-1073
reference_id AVG-1073
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1073
12
reference_url https://security.archlinux.org/AVG-1075
reference_id AVG-1075
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1075
13
reference_url https://security.gentoo.org/glsa/202003-30
reference_id GLSA-202003-30
reference_type
scores
url https://security.gentoo.org/glsa/202003-30
14
reference_url https://security.gentoo.org/glsa/202003-42
reference_id GLSA-202003-42
reference_type
scores
url https://security.gentoo.org/glsa/202003-42
15
reference_url https://access.redhat.com/errata/RHSA-2019:4356
reference_id RHSA-2019:4356
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4356
16
reference_url https://access.redhat.com/errata/RHSA-2020:0002
reference_id RHSA-2020:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0002
17
reference_url https://access.redhat.com/errata/RHSA-2020:0228
reference_id RHSA-2020:0228
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0228
18
reference_url https://usn.ubuntu.com/4220-1/
reference_id USN-4220-1
reference_type
scores
url https://usn.ubuntu.com/4220-1/
fixed_packages
0
url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3917-1uyb-jfe5
7
vulnerability VCID-3bkb-3m1h-m7fw
8
vulnerability VCID-415p-yw6x-mucy
9
vulnerability VCID-44s3-56w5-jqhy
10
vulnerability VCID-6uub-fxap-pbfa
11
vulnerability VCID-6wfy-67je-97h1
12
vulnerability VCID-7s2v-tjh1-pfb9
13
vulnerability VCID-7wv5-e9br-nqbd
14
vulnerability VCID-9ngj-sk96-kyh5
15
vulnerability VCID-apjt-gm8p-q7bg
16
vulnerability VCID-bkt1-jmy5-gbbf
17
vulnerability VCID-bn42-x9ez-f7ee
18
vulnerability VCID-e33d-r9kx-aucw
19
vulnerability VCID-fmwm-yd3f-muh3
20
vulnerability VCID-frhz-f158-v7be
21
vulnerability VCID-h8as-wpes-q7eq
22
vulnerability VCID-hr22-p62n-hqd9
23
vulnerability VCID-m5ss-32kw-tyf7
24
vulnerability VCID-m64b-xncz-6khh
25
vulnerability VCID-mhs7-a1hp-dqa3
26
vulnerability VCID-mzyt-2sh3-wydh
27
vulnerability VCID-r377-hfyz-pkgz
28
vulnerability VCID-rq4n-gfwv-uqbb
29
vulnerability VCID-skd8-z2m9-5yb4
30
vulnerability VCID-smnt-catx-23e8
31
vulnerability VCID-u6dy-wczq-pbgr
32
vulnerability VCID-uea5-m2b8-3kc4
33
vulnerability VCID-usx6-t5ns-t3bb
34
vulnerability VCID-uszr-cr35-r7gr
35
vulnerability VCID-v84q-w7ye-c7d3
36
vulnerability VCID-wgzc-r8rd-t3dx
37
vulnerability VCID-x8he-nt8f-57fk
38
vulnerability VCID-y3uw-f72u-5qes
39
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7
1
url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-14ws-nfew-syac
1
vulnerability VCID-1p7p-zdcs-xugj
2
vulnerability VCID-1zaq-cvdq-8bb6
3
vulnerability VCID-22kd-bt99-rqb1
4
vulnerability VCID-2639-78xt-z7d3
5
vulnerability VCID-2nzq-cpwz-8uce
6
vulnerability VCID-3bkb-3m1h-m7fw
7
vulnerability VCID-415p-yw6x-mucy
8
vulnerability VCID-44s3-56w5-jqhy
9
vulnerability VCID-6uub-fxap-pbfa
10
vulnerability VCID-7wv5-e9br-nqbd
11
vulnerability VCID-9ngj-sk96-kyh5
12
vulnerability VCID-apjt-gm8p-q7bg
13
vulnerability VCID-bkt1-jmy5-gbbf
14
vulnerability VCID-bn42-x9ez-f7ee
15
vulnerability VCID-e33d-r9kx-aucw
16
vulnerability VCID-fmwm-yd3f-muh3
17
vulnerability VCID-frhz-f158-v7be
18
vulnerability VCID-h8as-wpes-q7eq
19
vulnerability VCID-hr22-p62n-hqd9
20
vulnerability VCID-m5ss-32kw-tyf7
21
vulnerability VCID-mhs7-a1hp-dqa3
22
vulnerability VCID-mzyt-2sh3-wydh
23
vulnerability VCID-rq4n-gfwv-uqbb
24
vulnerability VCID-skd8-z2m9-5yb4
25
vulnerability VCID-smnt-catx-23e8
26
vulnerability VCID-uea5-m2b8-3kc4
27
vulnerability VCID-usx6-t5ns-t3bb
28
vulnerability VCID-uszr-cr35-r7gr
29
vulnerability VCID-v84q-w7ye-c7d3
30
vulnerability VCID-wgzc-r8rd-t3dx
31
vulnerability VCID-x8he-nt8f-57fk
32
vulnerability VCID-y5fa-ahxz-9kb1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3
2
url pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
purl pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-22kd-bt99-rqb1
1
vulnerability VCID-2639-78xt-z7d3
2
vulnerability VCID-44s3-56w5-jqhy
3
vulnerability VCID-7wv5-e9br-nqbd
4
vulnerability VCID-9ngj-sk96-kyh5
5
vulnerability VCID-bkt1-jmy5-gbbf
6
vulnerability VCID-e33d-r9kx-aucw
7
vulnerability VCID-hr22-p62n-hqd9
8
vulnerability VCID-k8kg-z578-kbdu
9
vulnerability VCID-rq4n-gfwv-uqbb
10
vulnerability VCID-usx6-t5ns-t3bb
11
vulnerability VCID-uszr-cr35-r7gr
12
vulnerability VCID-wgzc-r8rd-t3dx
13
vulnerability VCID-x8he-nt8f-57fk
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2
aliases CVE-2019-1348
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y5fa-ahxz-9kb1
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7