Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3

Type deb

Namespace debian

Name git

Version 1:2.39.5-0+deb12u3

Qualifiers

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-22kd-bt99-rqb1

vulnerability_id VCID-22kd-bt99-rqb1

summary git: Git does not sanitize URLs when asking for credentials interactively

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50349.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50349.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-50349

reference_id

reference_type

scores

value	0.01141
scoring_system	epss
scoring_elements	0.78449
published_at	2026-04-21T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78421
published_at	2026-04-08T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78426
published_at	2026-04-09T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78452
published_at	2026-04-11T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78435
published_at	2026-04-12T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78427
published_at	2026-04-13T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78455
published_at	2026-04-16T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78454
published_at	2026-04-18T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.7838
published_at	2026-04-02T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78411
published_at	2026-04-04T12:55:00Z

value	0.01141
scoring_system	epss
scoring_elements	0.78394
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-50349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042
reference_id	1093042
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2337824
reference_id	2337824
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2337824

reference_url

https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8

reference_id

7725b8100ffbbff2750ee4d61a0fcc1f53a086e8

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/

url

https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8

reference_url

https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577

reference_id

c903985bf7e772e2d08275c1a95c8a55ab011577

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/

url

https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577

reference_url

https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr

reference_id

GHSA-hmg8-h7qf-7cxr

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/

url

https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr

reference_url	https://access.redhat.com/errata/RHSA-2025:11462
reference_id	RHSA-2025:11462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11462

reference_url	https://access.redhat.com/errata/RHSA-2025:11533
reference_id	RHSA-2025:11533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11533

reference_url	https://access.redhat.com/errata/RHSA-2025:11534
reference_id	RHSA-2025:11534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11534

reference_url	https://access.redhat.com/errata/RHSA-2025:19601
reference_id	RHSA-2025:19601
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:19601

reference_url	https://usn.ubuntu.com/7207-1/
reference_id	USN-7207-1
reference_type
scores
url	https://usn.ubuntu.com/7207-1/

reference_url	https://usn.ubuntu.com/7207-2/
reference_id	USN-7207-2
reference_type
scores
url	https://usn.ubuntu.com/7207-2/

reference_url	https://usn.ubuntu.com/7964-1/
reference_id	USN-7964-1
reference_type
scores
url	https://usn.ubuntu.com/7964-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2024-50349

risk_score 1.4

exploitability 0.5

weighted_severity 2.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-22kd-bt99-rqb1

url VCID-2639-78xt-z7d3

vulnerability_id VCID-2639-78xt-z7d3

summary Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json

reference_id

reference_type

scores

value	3.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-46835

reference_id

reference_type

scores

value	0.0001
scoring_system	epss
scoring_elements	0.01077
published_at	2026-04-02T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.0108
published_at	2026-04-04T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01414
published_at	2026-04-21T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01348
published_at	2026-04-09T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01337
published_at	2026-04-18T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01331
published_at	2026-04-12T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01333
published_at	2026-04-13T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01322
published_at	2026-04-16T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01343
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-46835

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
reference_id	1108983
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2379326
reference_id	2379326
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2379326

reference_url

https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da

reference_id

dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da

reference_type

scores

value	8.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/

url

https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da

reference_url

https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg

reference_id

GHSA-xfx7-68v4-v8fg

reference_type

scores

value	8.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/

url

https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg

reference_url	https://security.gentoo.org/glsa/202507-09
reference_id	GLSA-202507-09
reference_type
scores
url	https://security.gentoo.org/glsa/202507-09

reference_url	https://access.redhat.com/errata/RHSA-2025:11462
reference_id	RHSA-2025:11462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11462

reference_url	https://access.redhat.com/errata/RHSA-2025:11533
reference_id	RHSA-2025:11533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11533

reference_url	https://access.redhat.com/errata/RHSA-2025:11534
reference_id	RHSA-2025:11534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11534

reference_url	https://usn.ubuntu.com/7626-1/
reference_id	USN-7626-1
reference_type
scores
url	https://usn.ubuntu.com/7626-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2025-46835

risk_score 3.9

exploitability 0.5

weighted_severity 7.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2639-78xt-z7d3

url VCID-44s3-56w5-jqhy

vulnerability_id VCID-44s3-56w5-jqhy

summary Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-48384

reference_id

reference_type

scores

value	0.00472
scoring_system	epss
scoring_elements	0.64639
published_at	2026-04-02T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.647
published_at	2026-04-21T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64666
published_at	2026-04-13T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64701
published_at	2026-04-16T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64713
published_at	2026-04-18T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64667
published_at	2026-04-04T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64625
published_at	2026-04-07T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64673
published_at	2026-04-08T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64689
published_at	2026-04-09T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64705
published_at	2026-04-11T12:55:00Z

value	0.00472
scoring_system	epss
scoring_elements	0.64694
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-48384

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
reference_id	1108983
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2378806
reference_id	2378806
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2378806

reference_url

https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9

reference_id

GHSA-vwqx-4fm8-6qc9

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

value	Attend
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-26T03:55:23Z/

url

https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9

reference_url	https://security.gentoo.org/glsa/202507-09
reference_id	GLSA-202507-09
reference_type
scores
url	https://security.gentoo.org/glsa/202507-09

reference_url	https://access.redhat.com/errata/RHSA-2025:11462
reference_id	RHSA-2025:11462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11462

reference_url	https://access.redhat.com/errata/RHSA-2025:11533
reference_id	RHSA-2025:11533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11533

reference_url	https://access.redhat.com/errata/RHSA-2025:11534
reference_id	RHSA-2025:11534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11534

reference_url	https://access.redhat.com/errata/RHSA-2025:11686
reference_id	RHSA-2025:11686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11686

reference_url	https://access.redhat.com/errata/RHSA-2025:11688
reference_id	RHSA-2025:11688
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11688

reference_url	https://access.redhat.com/errata/RHSA-2025:11793
reference_id	RHSA-2025:11793
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11793

reference_url	https://access.redhat.com/errata/RHSA-2025:11794
reference_id	RHSA-2025:11794
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11794

reference_url	https://access.redhat.com/errata/RHSA-2025:11795
reference_id	RHSA-2025:11795
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11795

reference_url	https://access.redhat.com/errata/RHSA-2025:11796
reference_id	RHSA-2025:11796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11796

reference_url	https://access.redhat.com/errata/RHSA-2025:11800
reference_id	RHSA-2025:11800
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11800

reference_url	https://access.redhat.com/errata/RHSA-2025:11801
reference_id	RHSA-2025:11801
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11801

reference_url	https://access.redhat.com/errata/RHSA-2025:13276
reference_id	RHSA-2025:13276
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13276

reference_url	https://access.redhat.com/errata/RHSA-2025:13325
reference_id	RHSA-2025:13325
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13325

reference_url	https://access.redhat.com/errata/RHSA-2025:13933
reference_id	RHSA-2025:13933
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:13933

reference_url	https://access.redhat.com/errata/RHSA-2025:14059
reference_id	RHSA-2025:14059
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14059

reference_url	https://access.redhat.com/errata/RHSA-2025:14396
reference_id	RHSA-2025:14396
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14396

reference_url	https://access.redhat.com/errata/RHSA-2025:14853
reference_id	RHSA-2025:14853
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14853

reference_url	https://access.redhat.com/errata/RHSA-2025:14858
reference_id	RHSA-2025:14858
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:14858

reference_url	https://access.redhat.com/errata/RHSA-2025:15308
reference_id	RHSA-2025:15308
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15308

reference_url	https://access.redhat.com/errata/RHSA-2025:15672
reference_id	RHSA-2025:15672
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15672

reference_url	https://access.redhat.com/errata/RHSA-2025:15827
reference_id	RHSA-2025:15827
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15827

reference_url	https://access.redhat.com/errata/RHSA-2025:15828
reference_id	RHSA-2025:15828
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:15828

reference_url	https://usn.ubuntu.com/7626-1/
reference_id	USN-7626-1
reference_type
scores
url	https://usn.ubuntu.com/7626-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2025-48384

risk_score 10.0

exploitability 2.0

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44s3-56w5-jqhy

url VCID-7wv5-e9br-nqbd

vulnerability_id VCID-7wv5-e9br-nqbd

summary

Multiple vulnerabilities have been found in libgit2, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-1387

reference_id

reference_type

scores

value	0.02175
scoring_system	epss
scoring_elements	0.84356
published_at	2026-04-21T12:55:00Z

value	0.02175
scoring_system	epss
scoring_elements	0.84324
published_at	2026-04-09T12:55:00Z

value	0.02175
scoring_system	epss
scoring_elements	0.84342
published_at	2026-04-11T12:55:00Z

value	0.02175
scoring_system	epss
scoring_elements	0.84335
published_at	2026-04-12T12:55:00Z

value	0.02175
scoring_system	epss
scoring_elements	0.84331
published_at	2026-04-13T12:55:00Z

value	0.02175
scoring_system	epss
scoring_elements	0.84353
published_at	2026-04-16T12:55:00Z

value	0.02175
scoring_system	epss
scoring_elements	0.84354
published_at	2026-04-18T12:55:00Z

value	0.02358
scoring_system	epss
scoring_elements	0.84878
published_at	2026-04-07T12:55:00Z

value	0.02358
scoring_system	epss
scoring_elements	0.84858
published_at	2026-04-02T12:55:00Z

value	0.02358
scoring_system	epss
scoring_elements	0.84843
published_at	2026-04-01T12:55:00Z

value	0.02358
scoring_system	epss
scoring_elements	0.84901
published_at	2026-04-08T12:55:00Z

value	0.02358
scoring_system	epss
scoring_elements	0.84877
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-1387

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1781127
reference_id	1781127
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1781127

reference_url	https://security.archlinux.org/ASA-201912-5
reference_id	ASA-201912-5
reference_type
scores
url	https://security.archlinux.org/ASA-201912-5

reference_url	https://security.archlinux.org/ASA-201912-6
reference_id	ASA-201912-6
reference_type
scores
url	https://security.archlinux.org/ASA-201912-6

reference_url

https://security.archlinux.org/AVG-1073

reference_id

AVG-1073

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1073

reference_url

https://security.archlinux.org/AVG-1075

reference_id

AVG-1075

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1075

reference_url

https://security.gentoo.org/glsa/202003-30

reference_id

GLSA-202003-30

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://security.gentoo.org/glsa/202003-30

reference_url

https://security.gentoo.org/glsa/202003-42

reference_id

GLSA-202003-42

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://security.gentoo.org/glsa/202003-42

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_url

https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html

reference_id

msg00019.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html

reference_url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html

reference_id

msg00056.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/

reference_id

N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/

reference_url

https://access.redhat.com/errata/RHSA-2019:4356

reference_id

RHSA-2019:4356

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://access.redhat.com/errata/RHSA-2019:4356

reference_url

https://access.redhat.com/errata/RHSA-2020:0002

reference_id

RHSA-2020:0002

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://access.redhat.com/errata/RHSA-2020:0002

reference_url

https://access.redhat.com/errata/RHSA-2020:0124

reference_id

RHSA-2020:0124

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://access.redhat.com/errata/RHSA-2020:0124

reference_url

https://access.redhat.com/errata/RHSA-2020:0228

reference_id

RHSA-2020:0228

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://access.redhat.com/errata/RHSA-2020:0228

reference_url

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u

reference_id

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u

reference_url	https://usn.ubuntu.com/4220-1/
reference_id	USN-4220-1
reference_type
scores
url	https://usn.ubuntu.com/4220-1/

reference_url

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/

reference_id

xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/

url

https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/

fixed_packages

url pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7

purl pkg:deb/debian/git@1:2.11.0-3%2Bdeb9u7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14ws-nfew-syac

vulnerability	VCID-1p7p-zdcs-xugj

vulnerability	VCID-1zaq-cvdq-8bb6

vulnerability	VCID-22kd-bt99-rqb1

vulnerability	VCID-2639-78xt-z7d3

vulnerability	VCID-2nzq-cpwz-8uce

vulnerability	VCID-3917-1uyb-jfe5

vulnerability	VCID-3bkb-3m1h-m7fw

vulnerability	VCID-415p-yw6x-mucy

vulnerability	VCID-44s3-56w5-jqhy

vulnerability	VCID-6uub-fxap-pbfa

vulnerability	VCID-6wfy-67je-97h1

vulnerability	VCID-7s2v-tjh1-pfb9

vulnerability	VCID-7wv5-e9br-nqbd

vulnerability	VCID-9ngj-sk96-kyh5

vulnerability	VCID-apjt-gm8p-q7bg

vulnerability	VCID-bkt1-jmy5-gbbf

vulnerability	VCID-bn42-x9ez-f7ee

vulnerability	VCID-e33d-r9kx-aucw

vulnerability	VCID-fmwm-yd3f-muh3

vulnerability	VCID-frhz-f158-v7be

vulnerability	VCID-h8as-wpes-q7eq

vulnerability	VCID-hr22-p62n-hqd9

vulnerability	VCID-m5ss-32kw-tyf7

vulnerability	VCID-m64b-xncz-6khh

vulnerability	VCID-mhs7-a1hp-dqa3

vulnerability	VCID-mzyt-2sh3-wydh

vulnerability	VCID-r377-hfyz-pkgz

vulnerability	VCID-rq4n-gfwv-uqbb

vulnerability	VCID-skd8-z2m9-5yb4

vulnerability	VCID-smnt-catx-23e8

vulnerability	VCID-u6dy-wczq-pbgr

vulnerability	VCID-uea5-m2b8-3kc4

vulnerability	VCID-usx6-t5ns-t3bb

vulnerability	VCID-uszr-cr35-r7gr

vulnerability	VCID-v84q-w7ye-c7d3

vulnerability	VCID-wgzc-r8rd-t3dx

vulnerability	VCID-x8he-nt8f-57fk

vulnerability	VCID-y3uw-f72u-5qes

vulnerability	VCID-y5fa-ahxz-9kb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%252Bdeb9u7

url pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3

purl pkg:deb/debian/git@1:2.20.1-2%2Bdeb10u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-14ws-nfew-syac

vulnerability	VCID-1p7p-zdcs-xugj

vulnerability	VCID-1zaq-cvdq-8bb6

vulnerability	VCID-22kd-bt99-rqb1

vulnerability	VCID-2639-78xt-z7d3

vulnerability	VCID-2nzq-cpwz-8uce

vulnerability	VCID-3bkb-3m1h-m7fw

vulnerability	VCID-415p-yw6x-mucy

vulnerability	VCID-44s3-56w5-jqhy

vulnerability	VCID-6uub-fxap-pbfa

vulnerability	VCID-7wv5-e9br-nqbd

vulnerability	VCID-9ngj-sk96-kyh5

vulnerability	VCID-apjt-gm8p-q7bg

vulnerability	VCID-bkt1-jmy5-gbbf

vulnerability	VCID-bn42-x9ez-f7ee

vulnerability	VCID-e33d-r9kx-aucw

vulnerability	VCID-fmwm-yd3f-muh3

vulnerability	VCID-frhz-f158-v7be

vulnerability	VCID-h8as-wpes-q7eq

vulnerability	VCID-hr22-p62n-hqd9

vulnerability	VCID-m5ss-32kw-tyf7

vulnerability	VCID-mhs7-a1hp-dqa3

vulnerability	VCID-mzyt-2sh3-wydh

vulnerability	VCID-rq4n-gfwv-uqbb

vulnerability	VCID-skd8-z2m9-5yb4

vulnerability	VCID-smnt-catx-23e8

vulnerability	VCID-uea5-m2b8-3kc4

vulnerability	VCID-usx6-t5ns-t3bb

vulnerability	VCID-uszr-cr35-r7gr

vulnerability	VCID-v84q-w7ye-c7d3

vulnerability	VCID-wgzc-r8rd-t3dx

vulnerability	VCID-x8he-nt8f-57fk

vulnerability	VCID-y5fa-ahxz-9kb1

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.20.1-2%252Bdeb10u3

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2019-1387

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wv5-e9br-nqbd

url VCID-9ngj-sk96-kyh5

vulnerability_id VCID-9ngj-sk96-kyh5

summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29007.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29007.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-29007

reference_id

reference_type

scores

value	0.00825
scoring_system	epss
scoring_elements	0.74413
published_at	2026-04-02T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.7444
published_at	2026-04-04T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74415
published_at	2026-04-07T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74447
published_at	2026-04-08T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74464
published_at	2026-04-09T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74495
published_at	2026-04-16T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74502
published_at	2026-04-18T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74486
published_at	2026-04-11T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74466
published_at	2026-04-12T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74457
published_at	2026-04-13T12:55:00Z

value	0.009
scoring_system	epss
scoring_elements	0.75687
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-29007

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29007
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29007

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
reference_id	1034835
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2188338
reference_id	2188338
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2188338

reference_url	https://security.gentoo.org/glsa/202312-15
reference_id	GLSA-202312-15
reference_type
scores
url	https://security.gentoo.org/glsa/202312-15

reference_url	https://access.redhat.com/errata/RHSA-2023:3192
reference_id	RHSA-2023:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3192

reference_url	https://access.redhat.com/errata/RHSA-2023:3243
reference_id	RHSA-2023:3243
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3243

reference_url	https://access.redhat.com/errata/RHSA-2023:3245
reference_id	RHSA-2023:3245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3245

reference_url	https://access.redhat.com/errata/RHSA-2023:3246
reference_id	RHSA-2023:3246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3246

reference_url	https://access.redhat.com/errata/RHSA-2023:3247
reference_id	RHSA-2023:3247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3247

reference_url	https://access.redhat.com/errata/RHSA-2023:3248
reference_id	RHSA-2023:3248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3248

reference_url	https://access.redhat.com/errata/RHSA-2023:3263
reference_id	RHSA-2023:3263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3263

reference_url	https://access.redhat.com/errata/RHSA-2023:3280
reference_id	RHSA-2023:3280
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3280

reference_url	https://access.redhat.com/errata/RHSA-2023:3382
reference_id	RHSA-2023:3382
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3382

reference_url	https://usn.ubuntu.com/6050-1/
reference_id	USN-6050-1
reference_type
scores
url	https://usn.ubuntu.com/6050-1/

reference_url	https://usn.ubuntu.com/6050-2/
reference_id	USN-6050-2
reference_type
scores
url	https://usn.ubuntu.com/6050-2/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2023-29007

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9ngj-sk96-kyh5

url VCID-bkt1-jmy5-gbbf

vulnerability_id VCID-bkt1-jmy5-gbbf

summary git: symlink bypass

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32021.json

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32021.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32021

reference_id

reference_type

scores

value	0.00021
scoring_system	epss
scoring_elements	0.05692
published_at	2026-04-21T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05555
published_at	2026-04-04T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05554
published_at	2026-04-07T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05592
published_at	2026-04-08T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05616
published_at	2026-04-09T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05587
published_at	2026-04-11T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05577
published_at	2026-04-12T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.0557
published_at	2026-04-13T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05518
published_at	2026-04-16T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05527
published_at	2026-04-18T12:55:00Z

value	0.00021
scoring_system	epss
scoring_elements	0.05519
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32021

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32021
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32021

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id	1071160
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160

reference_url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/

url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2280484
reference_id	2280484
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2280484

reference_url

https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7

reference_id

GHSA-mvxm-9j2h-qjx7

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/

url

https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_url	https://access.redhat.com/errata/RHSA-2024:4083
reference_id	RHSA-2024:4083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4083

reference_url	https://access.redhat.com/errata/RHSA-2024:4084
reference_id	RHSA-2024:4084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4084

reference_url	https://access.redhat.com/errata/RHSA-2024:4368
reference_id	RHSA-2024:4368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4368

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_id

S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_url	https://usn.ubuntu.com/6793-1/
reference_id	USN-6793-1
reference_type
scores
url	https://usn.ubuntu.com/6793-1/

reference_url	https://usn.ubuntu.com/7023-1/
reference_id	USN-7023-1
reference_type
scores
url	https://usn.ubuntu.com/7023-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2024-32021

risk_score 1.8

exploitability 0.5

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bkt1-jmy5-gbbf

url VCID-e33d-r9kx-aucw

vulnerability_id VCID-e33d-r9kx-aucw

summary git: additional local RCE

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32465.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32465.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32465

reference_id

reference_type

scores

value	0.00155
scoring_system	epss
scoring_elements	0.36154
published_at	2026-04-21T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36301
published_at	2026-04-02T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36334
published_at	2026-04-04T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36168
published_at	2026-04-07T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36218
published_at	2026-04-08T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36236
published_at	2026-04-09T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36241
published_at	2026-04-11T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36204
published_at	2026-04-12T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36179
published_at	2026-04-13T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36221
published_at	2026-04-16T12:55:00Z

value	0.00155
scoring_system	epss
scoring_elements	0.36205
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32465

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32465
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32465

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id	1071160
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160

reference_url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/

url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2280446
reference_id	2280446
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2280446

reference_url

https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7

reference_id

7b70e9efb18c2cc3f219af399bd384c5801ba1d7

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/

url

https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7

reference_url

https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4

reference_id

GHSA-vm9j-46j9-qvq4

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/

url

https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4

reference_url

https://git-scm.com/docs/git-clone

reference_id

git-clone

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/

url

https://git-scm.com/docs/git-clone

reference_url

https://git-scm.com/docs/git#_security

reference_id

git#_security

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/

url

https://git-scm.com/docs/git#_security

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_url	https://access.redhat.com/errata/RHSA-2024:4083
reference_id	RHSA-2024:4083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4083

reference_url	https://access.redhat.com/errata/RHSA-2024:4084
reference_id	RHSA-2024:4084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4084

reference_url	https://access.redhat.com/errata/RHSA-2024:4368
reference_id	RHSA-2024:4368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4368

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_id

S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_url	https://usn.ubuntu.com/6793-1/
reference_id	USN-6793-1
reference_type
scores
url	https://usn.ubuntu.com/6793-1/

reference_url	https://usn.ubuntu.com/7023-1/
reference_id	USN-7023-1
reference_type
scores
url	https://usn.ubuntu.com/7023-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2024-32465

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e33d-r9kx-aucw

url VCID-hr22-p62n-hqd9

vulnerability_id VCID-hr22-p62n-hqd9

summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25652.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25652.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25652

reference_id

reference_type

scores

value	0.01801
scoring_system	epss
scoring_elements	0.82742
published_at	2026-04-02T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.8283
published_at	2026-04-18T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82831
published_at	2026-04-16T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82792
published_at	2026-04-13T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82797
published_at	2026-04-12T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82802
published_at	2026-04-11T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82785
published_at	2026-04-09T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82779
published_at	2026-04-08T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82756
published_at	2026-04-04T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82753
published_at	2026-04-07T12:55:00Z

value	0.03387
scoring_system	epss
scoring_elements	0.87411
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25652

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25652
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25652

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
reference_id	1034835
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835

reference_url

https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902

reference_id

18e2b1cfc80990719275d7b08e6e50f3e8cbc902

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902

reference_url

http://www.openwall.com/lists/oss-security/2023/04/25/2

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

http://www.openwall.com/lists/oss-security/2023/04/25/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2188333
reference_id	2188333
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2188333

reference_url

https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e

reference_id

668f2d53613ac8fd373926ebe219f2c29112d93e

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/

reference_id

BSXOGVVBJLYX26IAYX6PJSYQB36BREWH

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/

reference_url

https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx

reference_id

GHSA-2hvf-7c8p-28fx

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx

reference_url

https://security.gentoo.org/glsa/202312-15

reference_id

GLSA-202312-15

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://security.gentoo.org/glsa/202312-15

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/

reference_id

PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/

reference_url	https://access.redhat.com/errata/RHSA-2023:3192
reference_id	RHSA-2023:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3192

reference_url	https://access.redhat.com/errata/RHSA-2023:3243
reference_id	RHSA-2023:3243
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3243

reference_url	https://access.redhat.com/errata/RHSA-2023:3245
reference_id	RHSA-2023:3245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3245

reference_url	https://access.redhat.com/errata/RHSA-2023:3246
reference_id	RHSA-2023:3246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3246

reference_url	https://access.redhat.com/errata/RHSA-2023:3247
reference_id	RHSA-2023:3247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3247

reference_url	https://access.redhat.com/errata/RHSA-2023:3248
reference_id	RHSA-2023:3248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3248

reference_url	https://access.redhat.com/errata/RHSA-2023:3263
reference_id	RHSA-2023:3263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3263

reference_url	https://access.redhat.com/errata/RHSA-2023:3280
reference_id	RHSA-2023:3280
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3280

reference_url	https://access.redhat.com/errata/RHSA-2023:3382
reference_id	RHSA-2023:3382
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3382

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/

reference_id

RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/

reference_url	https://usn.ubuntu.com/6050-1/
reference_id	USN-6050-1
reference_type
scores
url	https://usn.ubuntu.com/6050-1/

reference_url	https://usn.ubuntu.com/6050-2/
reference_id	USN-6050-2
reference_type
scores
url	https://usn.ubuntu.com/6050-2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/

reference_id

YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2023-25652

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hr22-p62n-hqd9

url VCID-k8kg-z578-kbdu

vulnerability_id VCID-k8kg-z578-kbdu

summary git: insecure hardlinks

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32020.json

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32020.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32020

reference_id

reference_type

scores

value	0.00165
scoring_system	epss
scoring_elements	0.37577
published_at	2026-04-21T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37692
published_at	2026-04-02T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37717
published_at	2026-04-04T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37596
published_at	2026-04-07T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37648
published_at	2026-04-08T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37661
published_at	2026-04-09T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37674
published_at	2026-04-11T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37641
published_at	2026-04-18T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.37613
published_at	2026-04-13T12:55:00Z

value	0.00165
scoring_system	epss
scoring_elements	0.3766
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32020

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32020
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32020

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id	1071160
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160

reference_url

https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d

reference_id

1204e1a824c34071019fe106348eaa6d88f9528d

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/

url

https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d

reference_url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_id

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/

url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2280466
reference_id	2280466
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2280466

reference_url

https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703

reference_id

9e65df5eab274bf74c7b570107aacd1303a1e703

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/

url

https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703

reference_url

https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj

reference_id

GHSA-5rfh-556j-fhgj

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/

url

https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj

reference_url	https://access.redhat.com/errata/RHSA-2024:4083
reference_id	RHSA-2024:4083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4083

reference_url	https://access.redhat.com/errata/RHSA-2024:4084
reference_id	RHSA-2024:4084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4084

reference_url	https://access.redhat.com/errata/RHSA-2024:4368
reference_id	RHSA-2024:4368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4368

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_id

S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR

reference_type

scores

value	3.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_url	https://usn.ubuntu.com/6793-1/
reference_id	USN-6793-1
reference_type
scores
url	https://usn.ubuntu.com/6793-1/

reference_url	https://usn.ubuntu.com/7023-1/
reference_id	USN-7023-1
reference_type
scores
url	https://usn.ubuntu.com/7023-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2024-32020

risk_score 1.8

exploitability 0.5

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k8kg-z578-kbdu

url VCID-rq4n-gfwv-uqbb

vulnerability_id VCID-rq4n-gfwv-uqbb

summary git: RCE while cloning local repos

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32004.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32004.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32004

reference_id

reference_type

scores

value	0.02428
scoring_system	epss
scoring_elements	0.85169
published_at	2026-04-18T12:55:00Z

value	0.02428
scoring_system	epss
scoring_elements	0.85138
published_at	2026-04-09T12:55:00Z

value	0.02428
scoring_system	epss
scoring_elements	0.85153
published_at	2026-04-11T12:55:00Z

value	0.02428
scoring_system	epss
scoring_elements	0.8515
published_at	2026-04-12T12:55:00Z

value	0.02428
scoring_system	epss
scoring_elements	0.85147
published_at	2026-04-13T12:55:00Z

value	0.02428
scoring_system	epss
scoring_elements	0.85168
published_at	2026-04-21T12:55:00Z

value	0.02631
scoring_system	epss
scoring_elements	0.85667
published_at	2026-04-08T12:55:00Z

value	0.02631
scoring_system	epss
scoring_elements	0.85623
published_at	2026-04-02T12:55:00Z

value	0.02631
scoring_system	epss
scoring_elements	0.85641
published_at	2026-04-04T12:55:00Z

value	0.02631
scoring_system	epss
scoring_elements	0.85648
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32004

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32004
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32004

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id	1071160
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160

reference_url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_id

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/

url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2280428
reference_id	2280428
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2280428

reference_url

https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8

reference_id

f4aa8c8bb11dae6e769cd930565173808cbb69c8

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/

url

https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8

reference_url

https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389

reference_id

GHSA-xfc6-vwr8-r389

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/

url

https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389

reference_url

https://git-scm.com/docs/git-clone

reference_id

git-clone

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/

url

https://git-scm.com/docs/git-clone

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_url	https://access.redhat.com/errata/RHSA-2024:4083
reference_id	RHSA-2024:4083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4083

reference_url	https://access.redhat.com/errata/RHSA-2024:4084
reference_id	RHSA-2024:4084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4084

reference_url	https://access.redhat.com/errata/RHSA-2024:4368
reference_id	RHSA-2024:4368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4368

reference_url	https://access.redhat.com/errata/RHSA-2024:4579
reference_id	RHSA-2024:4579
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4579

reference_url	https://access.redhat.com/errata/RHSA-2024:6027
reference_id	RHSA-2024:6027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6027

reference_url	https://access.redhat.com/errata/RHSA-2024:6028
reference_id	RHSA-2024:6028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6028

reference_url	https://access.redhat.com/errata/RHSA-2024:6610
reference_id	RHSA-2024:6610
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6610

reference_url	https://access.redhat.com/errata/RHSA-2024:7701
reference_id	RHSA-2024:7701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7701

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_id

S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR

reference_type

scores

value	8.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_url	https://usn.ubuntu.com/6793-1/
reference_id	USN-6793-1
reference_type
scores
url	https://usn.ubuntu.com/6793-1/

reference_url	https://usn.ubuntu.com/7023-1/
reference_id	USN-7023-1
reference_type
scores
url	https://usn.ubuntu.com/7023-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2024-32004

risk_score 3.7

exploitability 0.5

weighted_severity 7.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rq4n-gfwv-uqbb

url VCID-usx6-t5ns-t3bb

vulnerability_id VCID-usx6-t5ns-t3bb

summary Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25815.json

reference_id

reference_type

scores

value	2.2
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25815.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-25815

reference_id

reference_type

scores

value	0.00099
scoring_system	epss
scoring_elements	0.27675
published_at	2026-04-02T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27713
published_at	2026-04-04T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27503
published_at	2026-04-07T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27571
published_at	2026-04-08T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27614
published_at	2026-04-09T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27619
published_at	2026-04-11T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27574
published_at	2026-04-12T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27518
published_at	2026-04-13T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27525
published_at	2026-04-16T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27498
published_at	2026-04-18T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27459
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-25815

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25815
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25815

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835
reference_id	1034835
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2188337
reference_id	2188337
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2188337

reference_url	https://security.gentoo.org/glsa/202312-15
reference_id	GLSA-202312-15
reference_type
scores
url	https://security.gentoo.org/glsa/202312-15

reference_url	https://access.redhat.com/errata/RHSA-2023:3192
reference_id	RHSA-2023:3192
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3192

reference_url	https://access.redhat.com/errata/RHSA-2023:3243
reference_id	RHSA-2023:3243
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3243

reference_url	https://access.redhat.com/errata/RHSA-2023:3245
reference_id	RHSA-2023:3245
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3245

reference_url	https://access.redhat.com/errata/RHSA-2023:3246
reference_id	RHSA-2023:3246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3246

reference_url	https://access.redhat.com/errata/RHSA-2023:3247
reference_id	RHSA-2023:3247
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3247

reference_url	https://access.redhat.com/errata/RHSA-2023:3248
reference_id	RHSA-2023:3248
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3248

reference_url	https://access.redhat.com/errata/RHSA-2023:3280
reference_id	RHSA-2023:3280
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3280

reference_url	https://access.redhat.com/errata/RHSA-2023:3382
reference_id	RHSA-2023:3382
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3382

reference_url	https://usn.ubuntu.com/6050-1/
reference_id	USN-6050-1
reference_type
scores
url	https://usn.ubuntu.com/6050-1/

reference_url	https://usn.ubuntu.com/7023-1/
reference_id	USN-7023-1
reference_type
scores
url	https://usn.ubuntu.com/7023-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2023-25815

risk_score 1.0

exploitability 0.5

weighted_severity 2.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-usx6-t5ns-t3bb

url VCID-uszr-cr35-r7gr

vulnerability_id VCID-uszr-cr35-r7gr

summary git: Recursive clones RCE

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32002.json

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32002.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-32002

reference_id

reference_type

scores

value	0.80377
scoring_system	epss
scoring_elements	0.99126
published_at	2026-04-18T12:55:00Z

value	0.80377
scoring_system	epss
scoring_elements	0.99125
published_at	2026-04-16T12:55:00Z

value	0.80377
scoring_system	epss
scoring_elements	0.99123
published_at	2026-04-13T12:55:00Z

value	0.80377
scoring_system	epss
scoring_elements	0.99122
published_at	2026-04-09T12:55:00Z

value	0.80377
scoring_system	epss
scoring_elements	0.99121
published_at	2026-04-07T12:55:00Z

value	0.80377
scoring_system	epss
scoring_elements	0.99115
published_at	2026-04-02T12:55:00Z

value	0.80377
scoring_system	epss
scoring_elements	0.99118
published_at	2026-04-04T12:55:00Z

value	0.8064
scoring_system	epss
scoring_elements	0.99143
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-32002

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32002
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32002

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160
reference_id	1071160
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160

reference_url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/

url

http://www.openwall.com/lists/oss-security/2024/05/14/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2280421
reference_id	2280421
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2280421

reference_url

https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d

reference_id

97065761333fd62db1912d81b489db938d8c991d

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/

url

https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d

reference_url

https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv

reference_id

GHSA-8h77-4q3w-gfgv

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/

url

https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv

reference_url

https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt

reference_id

git-clone.txt---recurse-submodulesltpathspecgt

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/

url

https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt

reference_url

https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks

reference_id

git-config.txt-coresymlinks

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/

url

https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_id

msg00018.html

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html

reference_url	https://access.redhat.com/errata/RHSA-2024:4083
reference_id	RHSA-2024:4083
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4083

reference_url	https://access.redhat.com/errata/RHSA-2024:4084
reference_id	RHSA-2024:4084
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4084

reference_url	https://access.redhat.com/errata/RHSA-2024:4368
reference_id	RHSA-2024:4368
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4368

reference_url	https://access.redhat.com/errata/RHSA-2024:4579
reference_id	RHSA-2024:4579
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4579

reference_url	https://access.redhat.com/errata/RHSA-2024:6027
reference_id	RHSA-2024:6027
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6027

reference_url	https://access.redhat.com/errata/RHSA-2024:6028
reference_id	RHSA-2024:6028
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6028

reference_url	https://access.redhat.com/errata/RHSA-2024:6610
reference_id	RHSA-2024:6610
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6610

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_id

S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/

reference_url	https://usn.ubuntu.com/6793-1/
reference_id	USN-6793-1
reference_type
scores
url	https://usn.ubuntu.com/6793-1/

reference_url	https://usn.ubuntu.com/6793-2/
reference_id	USN-6793-2
reference_type
scores
url	https://usn.ubuntu.com/6793-2/

reference_url	https://usn.ubuntu.com/7023-1/
reference_id	USN-7023-1
reference_type
scores
url	https://usn.ubuntu.com/7023-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2024-32002

risk_score 10.0

exploitability 2.0

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uszr-cr35-r7gr

url VCID-wgzc-r8rd-t3dx

vulnerability_id VCID-wgzc-r8rd-t3dx

summary git: Newline confusion in credential helpers can lead to credential exfiltration in git

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52006.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52006.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-52006

reference_id

reference_type

scores

value	0.01025
scoring_system	epss
scoring_elements	0.77303
published_at	2026-04-21T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77216
published_at	2026-04-02T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77245
published_at	2026-04-04T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77227
published_at	2026-04-07T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77259
published_at	2026-04-08T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77267
published_at	2026-04-09T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77295
published_at	2026-04-11T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77274
published_at	2026-04-12T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77272
published_at	2026-04-13T12:55:00Z

value	0.01025
scoring_system	epss
scoring_elements	0.77311
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-52006

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042
reference_id	1093042
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2337956
reference_id	2337956
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2337956

reference_url

https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060

reference_id

b01b9b81d36759cdcd07305e78765199e1bc2060

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/

url

https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060

reference_url

https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q

reference_id

GHSA-qm7j-c969-7j4q

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/

url

https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q

reference_url

https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp

reference_id

GHSA-r5ph-xg7q-xfrp

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/

url

https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp

reference_url	https://access.redhat.com/errata/RHSA-2025:11462
reference_id	RHSA-2025:11462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11462

reference_url	https://access.redhat.com/errata/RHSA-2025:11533
reference_id	RHSA-2025:11533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11533

reference_url	https://access.redhat.com/errata/RHSA-2025:11534
reference_id	RHSA-2025:11534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11534

reference_url	https://usn.ubuntu.com/7207-1/
reference_id	USN-7207-1
reference_type
scores
url	https://usn.ubuntu.com/7207-1/

reference_url	https://usn.ubuntu.com/7207-2/
reference_id	USN-7207-2
reference_type
scores
url	https://usn.ubuntu.com/7207-2/

reference_url	https://usn.ubuntu.com/7964-1/
reference_id	USN-7964-1
reference_type
scores
url	https://usn.ubuntu.com/7964-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2024-52006

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wgzc-r8rd-t3dx

url VCID-x8he-nt8f-57fk

vulnerability_id VCID-x8he-nt8f-57fk

summary Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27613

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.0144
published_at	2026-04-02T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01442
published_at	2026-04-04T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02041
published_at	2026-04-21T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01997
published_at	2026-04-08T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02013
published_at	2026-04-09T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01998
published_at	2026-04-11T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01982
published_at	2026-04-12T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01977
published_at	2026-04-13T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01957
published_at	2026-04-16T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01959
published_at	2026-04-18T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.01995
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27613

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983
reference_id	1108983
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2379124
reference_id	2379124
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2379124

reference_url

https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5

reference_id

465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/

url

https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5

reference_url

https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652

reference_id

7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/

url

https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652

reference_url

https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v

reference_id

GHSA-f3cw-xrj3-wr2v

reference_type

scores

value	3.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/

url

https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v

reference_url	https://security.gentoo.org/glsa/202507-09
reference_id	GLSA-202507-09
reference_type
scores
url	https://security.gentoo.org/glsa/202507-09

reference_url	https://access.redhat.com/errata/RHSA-2025:11462
reference_id	RHSA-2025:11462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11462

reference_url	https://access.redhat.com/errata/RHSA-2025:11533
reference_id	RHSA-2025:11533
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11533

reference_url	https://access.redhat.com/errata/RHSA-2025:11534
reference_id	RHSA-2025:11534
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:11534

reference_url	https://usn.ubuntu.com/7626-1/
reference_id	USN-7626-1
reference_type
scores
url	https://usn.ubuntu.com/7626-1/

fixed_packages

url	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
purl	pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

aliases CVE-2025-27613

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x8he-nt8f-57fk

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3

Package Instance