{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","type":"deb","namespace":"debian","name":"git","version":"1:2.39.5-0+deb12u3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:2.40.1-1","latest_non_vulnerable_version":"1:2.53.0-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80665?format=json","vulnerability_id":"VCID-14ws-nfew-syac","summary":"git: unexpected cross-protocol requests via a repository path containing a newline character","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40330.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40330","reference_id":"","reference_type":"","scores":[{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63431","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.6349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63517","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63481","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63532","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.6355","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63566","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63516","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63553","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.6356","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63545","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63563","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63577","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00447","scoring_system":"epss","scoring_elements":"0.63572","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40330"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1999755","reference_id":"1999755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1999755"},{"reference_url":"https://usn.ubuntu.com/5076-1/","reference_id":"USN-5076-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5076-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923208?format=json","purl":"pkg:deb/debian/git@1:2.30.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2021-40330"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-14ws-nfew-syac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45587?format=json","vulnerability_id":"VCID-1p7p-zdcs-xugj","summary":"Multiple vulnerabilities have been found in Git, the worst of which\n    could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1353.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1353.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1353","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40472","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40552","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40579","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40501","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40562","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40582","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40545","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40526","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40574","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40543","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40466","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40364","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40352","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40271","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40133","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781966","reference_id":"1781966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781966"},{"reference_url":"https://security.archlinux.org/AVG-1074","reference_id":"AVG-1074","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1074"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1353"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1p7p-zdcs-xugj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59052?format=json","vulnerability_id":"VCID-1zaq-cvdq-8bb6","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23946.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-23946.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23946","reference_id":"","reference_type":"","scores":[{"value":"0.01458","scoring_system":"epss","scoring_elements":"0.80925","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01458","scoring_system":"epss","scoring_elements":"0.80909","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01498","scoring_system":"epss","scoring_elements":"0.81192","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01498","scoring_system":"epss","scoring_elements":"0.81161","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01498","scoring_system":"epss","scoring_elements":"0.81184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82137","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82157","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82142","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82179","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.8218","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.82103","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01674","scoring_system":"epss","scoring_elements":"0.8213","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03035","scoring_system":"epss","scoring_elements":"0.86612","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03035","scoring_system":"epss","scoring_elements":"0.86632","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-23946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310","reference_id":"1031310","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2168161","reference_id":"2168161","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2168161"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3245","reference_id":"RHSA-2023:3245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3246","reference_id":"RHSA-2023:3246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0407","reference_id":"RHSA-2024:0407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0407"},{"reference_url":"https://usn.ubuntu.com/5871-1/","reference_id":"USN-5871-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5871-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923214?format=json","purl":"pkg:deb/debian/git@1:2.39.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2023-23946"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zaq-cvdq-8bb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72113?format=json","vulnerability_id":"VCID-22kd-bt99-rqb1","summary":"git: Git does not sanitize URLs when asking for credentials interactively","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50349.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-50349.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50349","reference_id":"","reference_type":"","scores":[{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78519","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78427","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78455","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78454","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78483","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.7849","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78505","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.7838","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78411","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78394","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78421","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78426","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78452","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78435","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-50349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50349"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042","reference_id":"1093042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337824","reference_id":"2337824","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337824"},{"reference_url":"https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8","reference_id":"7725b8100ffbbff2750ee4d61a0fcc1f53a086e8","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/"}],"url":"https://github.com/git/git/commit/7725b8100ffbbff2750ee4d61a0fcc1f53a086e8"},{"reference_url":"https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577","reference_id":"c903985bf7e772e2d08275c1a95c8a55ab011577","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/"}],"url":"https://github.com/git/git/commit/c903985bf7e772e2d08275c1a95c8a55ab011577"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr","reference_id":"GHSA-hmg8-h7qf-7cxr","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T19:22:40Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-hmg8-h7qf-7cxr"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19601","reference_id":"RHSA-2025:19601","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19601"},{"reference_url":"https://usn.ubuntu.com/7207-1/","reference_id":"USN-7207-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7207-1/"},{"reference_url":"https://usn.ubuntu.com/7207-2/","reference_id":"USN-7207-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7207-2/"},{"reference_url":"https://usn.ubuntu.com/7964-1/","reference_id":"USN-7964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923219?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923218?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923220?format=json","purl":"pkg:deb/debian/git@1:2.47.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-50349"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22kd-bt99-rqb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51216?format=json","vulnerability_id":"VCID-2639-78xt-z7d3","summary":"Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-46835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46835","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0108","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01077","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01432","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01322","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01414","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01423","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01434","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01441","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01343","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01348","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01337","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01331","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01333","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-46835"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379326","reference_id":"2379326","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379326"},{"reference_url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da","reference_id":"dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/"}],"url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a437f5bc93330a70b42a230e52f3bd036ca1b1da"},{"reference_url":"https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg","reference_id":"GHSA-xfx7-68v4-v8fg","reference_type":"","scores":[{"value":"8.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:53:11Z/"}],"url":"https://github.com/j6t/git-gui/security/advisories/GHSA-xfx7-68v4-v8fg"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923221?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923222?format=json","purl":"pkg:deb/debian/git@1:2.50.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.50.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2025-46835"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2639-78xt-z7d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86309?format=json","vulnerability_id":"VCID-2ck9-ugf3-afd2","summary":"git: git-prompt.sh does not sanitize branch names in $PS1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9938.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9938.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9938","reference_id":"","reference_type":"","scores":[{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.7309","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73229","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73225","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73235","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.731","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.7312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73095","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73131","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73169","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.7315","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73143","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73187","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.73196","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0075","scoring_system":"epss","scoring_elements":"0.7319","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9938"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9938","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9938"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/git/git/commit/8976500cbbb13270398d3b3e07a17b8cc7bff43f","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/commit/8976500cbbb13270398d3b3e07a17b8cc7bff43f"},{"reference_url":"https://github.com/njhartwell/pw3nage","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/njhartwell/pw3nage"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434415","reference_id":"1434415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1434415"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9938","reference_id":"CVE-2014-9938","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2004","reference_id":"RHSA-2017:2004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2004"},{"reference_url":"https://usn.ubuntu.com/3243-1/","reference_id":"USN-3243-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3243-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923192?format=json","purl":"pkg:deb/debian/git@1:2.0.0~rc2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.0.0~rc2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2014-9938"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ck9-ugf3-afd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45605?format=json","vulnerability_id":"VCID-2nzq-cpwz-8uce","summary":"Multiple vulnerabilities have been found in Git, the worst of which\n    could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19604.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19604","reference_id":"","reference_type":"","scores":[{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.79955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.79962","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.79984","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.79973","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80001","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80029","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80013","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80005","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80034","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80035","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80062","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80067","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80083","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01339","scoring_system":"epss","scoring_elements":"0.80097","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-19604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19604"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781971","reference_id":"1781971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781971"},{"reference_url":"https://security.archlinux.org/ASA-201912-6","reference_id":"ASA-201912-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-6"},{"reference_url":"https://security.archlinux.org/AVG-1073","reference_id":"AVG-1073","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1073"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-19604"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2nzq-cpwz-8uce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59432?format=json","vulnerability_id":"VCID-3917-1uyb-jfe5","summary":"Git contains multiple vulnerabilities that allow for the remote\n    execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11235.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11235","reference_id":"","reference_type":"","scores":[{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97394","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97439","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97431","published_at":"2026-04-18T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.9743","published_at":"2026-04-24T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97432","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97435","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.974","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97407","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97414","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97415","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97419","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4172","scoring_system":"epss","scoring_elements":"0.97427","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11235"},{"reference_url":"https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://marc.info/?l=git&m=152761328506724&w=2","reference_id":"","reference_type":"","scores":[],"url":"https://marc.info/?l=git&m=152761328506724&w=2"},{"reference_url":"https://www.debian.org/security/2018/dsa-4212","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4212"},{"reference_url":"https://www.exploit-db.com/exploits/44822/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44822/"},{"reference_url":"http://www.securityfocus.com/bid/104345","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104345"},{"reference_url":"http://www.securitytracker.com/id/1040991","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1040991"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583862","reference_id":"1583862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583862"},{"reference_url":"https://security.archlinux.org/ASA-201806-1","reference_id":"ASA-201806-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-1"},{"reference_url":"https://security.archlinux.org/AVG-711","reference_id":"AVG-711","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-711"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11235","reference_id":"CVE-2018-11235","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11235"},{"reference_url":"https://security.gentoo.org/glsa/201805-13","reference_id":"GLSA-201805-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1957","reference_id":"RHSA-2018:1957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2147","reference_id":"RHSA-2018:2147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2147"},{"reference_url":"https://usn.ubuntu.com/3671-1/","reference_id":"USN-3671-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3671-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923200?format=json","purl":"pkg:deb/debian/git@1:2.17.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.17.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2018-11235"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3917-1uyb-jfe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59049?format=json","vulnerability_id":"VCID-3bkb-3m1h-m7fw","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41903.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41903.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41903","reference_id":"","reference_type":"","scores":[{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95863","published_at":"2026-05-05T12:55:00Z"},{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95824","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95828","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95829","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95841","published_at":"2026-04-16T12:55:00Z"},{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95846","published_at":"2026-04-18T12:55:00Z"},{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95849","published_at":"2026-04-21T12:55:00Z"},{"value":"0.22424","scoring_system":"epss","scoring_elements":"0.95851","published_at":"2026-04-29T12:55:00Z"},{"value":"0.25734","scoring_system":"epss","scoring_elements":"0.96216","published_at":"2026-04-02T12:55:00Z"},{"value":"0.25734","scoring_system":"epss","scoring_elements":"0.96223","published_at":"2026-04-04T12:55:00Z"},{"value":"0.25734","scoring_system":"epss","scoring_elements":"0.96228","published_at":"2026-04-07T12:55:00Z"},{"value":"0.25734","scoring_system":"epss","scoring_elements":"0.96237","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41903"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114","reference_id":"1029114","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162056","reference_id":"2162056","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162056"},{"reference_url":"https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76","reference_id":"508386c6c5857b4faa2c3e491f422c98cc69ae76","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/"}],"url":"https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76"},{"reference_url":"https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst","reference_id":"Customizing-Git-Git-Attributes#_export_subst","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/"}],"url":"https://git-scm.com/book/en/v2/Customizing-Git-Git-Attributes#_export_subst"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq","reference_id":"GHSA-475x-2q3q-hvwq","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/"}],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem","reference_id":"pretty-formats.txt-emltltNgttruncltruncmtruncem","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-10T20:59:12Z/"}],"url":"https://git-scm.com/docs/pretty-formats#Documentation/pretty-formats.txt-emltltNgttruncltruncmtruncem"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0596","reference_id":"RHSA-2023:0596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0597","reference_id":"RHSA-2023:0597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0599","reference_id":"RHSA-2023:0599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0609","reference_id":"RHSA-2023:0609","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0609"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0610","reference_id":"RHSA-2023:0610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0611","reference_id":"RHSA-2023:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0627","reference_id":"RHSA-2023:0627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0628","reference_id":"RHSA-2023:0628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0978","reference_id":"RHSA-2023:0978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1677","reference_id":"RHSA-2023:1677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1677"},{"reference_url":"https://usn.ubuntu.com/5810-1/","reference_id":"USN-5810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5810-1/"},{"reference_url":"https://usn.ubuntu.com/5810-3/","reference_id":"USN-5810-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5810-3/"},{"reference_url":"https://usn.ubuntu.com/5810-4/","reference_id":"USN-5810-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5810-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923210?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923209?format=json","purl":"pkg:deb/debian/git@1:2.39.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2022-41903"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3bkb-3m1h-m7fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59046?format=json","vulnerability_id":"VCID-415p-yw6x-mucy","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24765.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24765.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24765","reference_id":"","reference_type":"","scores":[{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38594","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.3915","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.3907","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39125","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39097","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39116","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39033","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39122","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39152","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39391","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39474","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39487","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2073414","reference_id":"2073414","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2073414"},{"reference_url":"http://seclists.org/fulldisclosure/2022/May/31","reference_id":"31","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"http://seclists.org/fulldisclosure/2022/May/31"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/","reference_id":"5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/04/12/7","reference_id":"7","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/04/12/7"},{"reference_url":"https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash","reference_id":"Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash"},{"reference_url":"https://security.archlinux.org/AVG-2679","reference_id":"AVG-2679","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2679"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/","reference_id":"BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/","reference_id":"DDI325LOO2XBDDKLINOAQJEG6MHAURZE","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/","reference_id":"DIKWISWUDFT2FAITYIA6372BVLH3OOOC","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/"},{"reference_url":"https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode","reference_id":"git.txt-codeGITCEILINGDIRECTORIEScode","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://support.apple.com/kb/HT213261","reference_id":"HT213261","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://support.apple.com/kb/HT213261"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/","reference_id":"HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html","reference_id":"msg00025.html","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2319","reference_id":"RHSA-2023:2319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2859","reference_id":"RHSA-2023:2859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0407","reference_id":"RHSA-2024:0407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0407"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/","reference_id":"SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/","reference_id":"TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/","reference_id":"UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/"},{"reference_url":"https://usn.ubuntu.com/5376-1/","reference_id":"USN-5376-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5376-1/"},{"reference_url":"https://usn.ubuntu.com/5376-2/","reference_id":"USN-5376-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5376-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/","reference_id":"YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-16T17:47:32Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923210?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923211?format=json","purl":"pkg:deb/debian/git@1:2.35.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.35.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2022-24765"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-415p-yw6x-mucy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51217?format=json","vulnerability_id":"VCID-44s3-56w5-jqhy","summary":"Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48384","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64639","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64705","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.647","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.6472","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64732","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64729","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64667","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64625","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64673","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64689","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64694","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64666","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64701","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64713","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70217","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378806","reference_id":"2378806","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378806"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9","reference_id":"GHSA-vwqx-4fm8-6qc9","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-26T03:55:23Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11686","reference_id":"RHSA-2025:11686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11688","reference_id":"RHSA-2025:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11793","reference_id":"RHSA-2025:11793","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11793"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11794","reference_id":"RHSA-2025:11794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11795","reference_id":"RHSA-2025:11795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11796","reference_id":"RHSA-2025:11796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11800","reference_id":"RHSA-2025:11800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11801","reference_id":"RHSA-2025:11801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13276","reference_id":"RHSA-2025:13276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13325","reference_id":"RHSA-2025:13325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13933","reference_id":"RHSA-2025:13933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14396","reference_id":"RHSA-2025:14396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14853","reference_id":"RHSA-2025:14853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14858","reference_id":"RHSA-2025:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15308","reference_id":"RHSA-2025:15308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923221?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923222?format=json","purl":"pkg:deb/debian/git@1:2.50.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.50.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2025-48384"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44s3-56w5-jqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51214?format=json","vulnerability_id":"VCID-45wh-upym-1yaw","summary":"Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27614.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27614.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27614","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00684","published_at":"2026-04-02T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00833","published_at":"2026-05-05T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0078","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00827","published_at":"2026-04-21T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0083","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00836","published_at":"2026-04-26T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00832","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00677","published_at":"2026-04-04T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00794","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00789","published_at":"2026-04-09T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00784","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00778","published_at":"2026-04-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00779","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27614"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379125","reference_id":"2379125","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379125"},{"reference_url":"https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129","reference_id":"8e3070aa5e331be45d4d03e3be41f84494fce129","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:41Z/"}],"url":"https://github.com/j6t/gitk/commit/8e3070aa5e331be45d4d03e3be41f84494fce129"},{"reference_url":"https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc","reference_id":"GHSA-g4v5-fjv9-mhhc","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:41Z/"}],"url":"https://github.com/j6t/gitk/security/advisories/GHSA-g4v5-fjv9-mhhc"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923190?format=json","purl":"pkg:deb/debian/git@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923222?format=json","purl":"pkg:deb/debian/git@1:2.50.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.50.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2025-27614"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-45wh-upym-1yaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59045?format=json","vulnerability_id":"VCID-6uub-fxap-pbfa","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23521.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-23521.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23521","reference_id":"","reference_type":"","scores":[{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93831","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93898","published_at":"2026-05-05T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93851","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93855","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.9386","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93882","published_at":"2026-04-16T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93888","published_at":"2026-04-29T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93889","published_at":"2026-04-26T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93892","published_at":"2026-04-24T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.9384","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12292","scoring_system":"epss","scoring_elements":"0.93843","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-23521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114","reference_id":"1029114","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029114"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162055","reference_id":"2162055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2162055"},{"reference_url":"https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76","reference_id":"508386c6c5857b4faa2c3e491f422c98cc69ae76","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:25Z/"}],"url":"https://github.com/git/git/commit/508386c6c5857b4faa2c3e491f422c98cc69ae76"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89","reference_id":"GHSA-c738-c5qq-xg89","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:25Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:36:25Z/"}],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0596","reference_id":"RHSA-2023:0596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0597","reference_id":"RHSA-2023:0597","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0599","reference_id":"RHSA-2023:0599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0609","reference_id":"RHSA-2023:0609","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0609"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0610","reference_id":"RHSA-2023:0610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0611","reference_id":"RHSA-2023:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0627","reference_id":"RHSA-2023:0627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0628","reference_id":"RHSA-2023:0628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0978","reference_id":"RHSA-2023:0978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1677","reference_id":"RHSA-2023:1677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1677"},{"reference_url":"https://usn.ubuntu.com/5810-1/","reference_id":"USN-5810-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5810-1/"},{"reference_url":"https://usn.ubuntu.com/5810-3/","reference_id":"USN-5810-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5810-3/"},{"reference_url":"https://usn.ubuntu.com/5810-4/","reference_id":"USN-5810-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5810-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923210?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923209?format=json","purl":"pkg:deb/debian/git@1:2.39.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2022-23521"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6uub-fxap-pbfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48316?format=json","vulnerability_id":"VCID-6wfy-67je-97h1","summary":"A command injection vulnerability in Git may allow remote attackers\n    to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2675","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2675"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000117.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000117","reference_id":"","reference_type":"","scores":[{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98924","published_at":"2026-04-01T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98952","published_at":"2026-05-05T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98937","published_at":"2026-04-16T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98939","published_at":"2026-04-18T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.9894","published_at":"2026-04-21T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98944","published_at":"2026-04-26T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98946","published_at":"2026-04-29T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98925","published_at":"2026-04-02T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98928","published_at":"2026-04-04T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.9893","published_at":"2026-04-07T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98932","published_at":"2026-04-09T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98934","published_at":"2026-04-11T12:55:00Z"},{"value":"0.76431","scoring_system":"epss","scoring_elements":"0.98935","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000117"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"8.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://support.apple.com/HT208103","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/HT208103"},{"reference_url":"https://www.exploit-db.com/exploits/42599/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/42599/"},{"reference_url":"https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1466490.html","reference_id":"","reference_type":"","scores":[],"url":"https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1466490.html"},{"reference_url":"http://www.debian.org/security/2017/dsa-3934","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3934"},{"reference_url":"http://www.securityfocus.com/bid/100283","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/100283"},{"reference_url":"http://www.securitytracker.com/id/1039131","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039131"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480386","reference_id":"1480386","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480386"},{"reference_url":"https://security.archlinux.org/ASA-201708-6","reference_id":"ASA-201708-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-6"},{"reference_url":"https://security.archlinux.org/AVG-377","reference_id":"AVG-377","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-377"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.10.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.8.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.9.4:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/rapid7/metasploit-framework/blob/202c936868328a4fe665c9d2ea82b8f8a2610b6e/modules/exploits/multi/http/git_submodule_command_exec.rb","reference_id":"CVE-2017-1000117","reference_type":"exploit","scores":[],"url":"https://github.com/rapid7/metasploit-framework/blob/202c936868328a4fe665c9d2ea82b8f8a2610b6e/modules/exploits/multi/http/git_submodule_command_exec.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/remote/42599.rb","reference_id":"CVE-2017-1000117","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/python/remote/42599.rb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000117","reference_id":"CVE-2017-1000117","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000117"},{"reference_url":"https://security.gentoo.org/glsa/201709-10","reference_id":"GLSA-201709-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2484","reference_id":"RHSA-2017:2484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2485","reference_id":"RHSA-2017:2485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2491","reference_id":"RHSA-2017:2491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2674","reference_id":"RHSA-2017:2674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2674"},{"reference_url":"https://usn.ubuntu.com/3387-1/","reference_id":"USN-3387-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3387-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923196?format=json","purl":"pkg:deb/debian/git@1:2.14.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.14.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2017-1000117"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6wfy-67je-97h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51219?format=json","vulnerability_id":"VCID-798q-zhst-f3b9","summary":"Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48386.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48386","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.06978","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.005","published_at":"2026-04-02T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00644","published_at":"2026-04-13T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00683","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00685","published_at":"2026-04-26T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00686","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00652","published_at":"2026-04-04T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00655","published_at":"2026-04-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00654","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00647","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00642","published_at":"2026-04-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00636","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0064","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00681","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378807","reference_id":"2378807","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378807"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr","reference_id":"GHSA-4v56-3xvj-xvfr","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-08T18:46:25Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923190?format=json","purl":"pkg:deb/debian/git@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2025-48386"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-798q-zhst-f3b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74712?format=json","vulnerability_id":"VCID-7s2v-tjh1-pfb9","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17456.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17456.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17456","reference_id":"","reference_type":"","scores":[{"value":"0.6532","scoring_system":"epss","scoring_elements":"0.985","published_at":"2026-05-05T12:55:00Z"},{"value":"0.6532","scoring_system":"epss","scoring_elements":"0.98496","published_at":"2026-04-24T12:55:00Z"},{"value":"0.6532","scoring_system":"epss","scoring_elements":"0.98497","published_at":"2026-04-26T12:55:00Z"},{"value":"0.6532","scoring_system":"epss","scoring_elements":"0.98495","published_at":"2026-04-29T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.98514","published_at":"2026-04-02T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.9852","published_at":"2026-04-08T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.98521","published_at":"2026-04-09T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.98523","published_at":"2026-04-13T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.98529","published_at":"2026-04-16T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.9853","published_at":"2026-04-18T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.98531","published_at":"2026-04-21T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.98512","published_at":"2026-04-01T12:55:00Z"},{"value":"0.66226","scoring_system":"epss","scoring_elements":"0.98516","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17456"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636619","reference_id":"1636619","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636619"},{"reference_url":"https://security.archlinux.org/ASA-201810-7","reference_id":"ASA-201810-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201810-7"},{"reference_url":"https://security.archlinux.org/AVG-776","reference_id":"AVG-776","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-776"},{"reference_url":"https://gist.github.com/joernchen/38dd6400199a542bc9660ea563dcf2b6","reference_id":"CVE-2018-17456","reference_type":"exploit","scores":[],"url":"https://gist.github.com/joernchen/38dd6400199a542bc9660ea563dcf2b6"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45548.txt","reference_id":"CVE-2018-17456","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45548.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45631.md","reference_id":"CVE-2018-17456","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/45631.md"},{"reference_url":"https://marc.info/?l=git&m=153875888916397&w=2","reference_id":"CVE-2018-17456","reference_type":"exploit","scores":[],"url":"https://marc.info/?l=git&m=153875888916397&w=2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3408","reference_id":"RHSA-2018:3408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3541","reference_id":"RHSA-2018:3541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0316","reference_id":"RHSA-2020:0316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0316"},{"reference_url":"https://usn.ubuntu.com/3791-1/","reference_id":"USN-3791-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3791-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923201?format=json","purl":"pkg:deb/debian/git@1:2.19.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.19.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2018-17456"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s2v-tjh1-pfb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34614?format=json","vulnerability_id":"VCID-7wv5-e9br-nqbd","summary":"Multiple vulnerabilities have been found in libgit2, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1387","reference_id":"","reference_type":"","scores":[{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84397","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84335","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84392","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84324","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84342","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84383","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84356","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84354","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84353","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84416","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02175","scoring_system":"epss","scoring_elements":"0.84331","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84878","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84858","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84843","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84877","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02358","scoring_system":"epss","scoring_elements":"0.84901","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781127","reference_id":"1781127","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781127"},{"reference_url":"https://security.archlinux.org/ASA-201912-5","reference_id":"ASA-201912-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-5"},{"reference_url":"https://security.archlinux.org/ASA-201912-6","reference_id":"ASA-201912-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-6"},{"reference_url":"https://security.archlinux.org/AVG-1073","reference_id":"AVG-1073","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1073"},{"reference_url":"https://security.archlinux.org/AVG-1075","reference_id":"AVG-1075","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1075"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://security.gentoo.org/glsa/202003-42","reference_id":"GLSA-202003-42","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://security.gentoo.org/glsa/202003-42"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html","reference_id":"msg00019.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00019.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html","reference_id":"msg00056.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/","reference_id":"N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6UGTEOXWIYSM5KDZL74QD2GK6YQNQCP/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4356","reference_id":"RHSA-2019:4356","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2019:4356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0002","reference_id":"RHSA-2020:0002","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2020:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0124","reference_id":"RHSA-2020:0124","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2020:0124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0228","reference_id":"RHSA-2020:0228","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2020:0228"},{"reference_url":"https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u","reference_id":"#u","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"},{"reference_url":"https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/","reference_id":"xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T18:49:36Z/"}],"url":"https://public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1387"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wv5-e9br-nqbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59055?format=json","vulnerability_id":"VCID-9ngj-sk96-kyh5","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29007.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29007.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29007","reference_id":"","reference_type":"","scores":[{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.71889","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00692","scoring_system":"epss","scoring_elements":"0.719","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00705","scoring_system":"epss","scoring_elements":"0.7218","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74415","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74447","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74464","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74486","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74466","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74495","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74502","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.74413","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00825","scoring_system":"epss","scoring_elements":"0.7444","published_at":"2026-04-04T12:55:00Z"},{"value":"0.009","scoring_system":"epss","scoring_elements":"0.75687","published_at":"2026-04-21T12:55:00Z"},{"value":"0.009","scoring_system":"epss","scoring_elements":"0.75727","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29007"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835","reference_id":"1034835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188338","reference_id":"2188338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188338"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3192","reference_id":"RHSA-2023:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3243","reference_id":"RHSA-2023:3243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3245","reference_id":"RHSA-2023:3245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3246","reference_id":"RHSA-2023:3246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3247","reference_id":"RHSA-2023:3247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3248","reference_id":"RHSA-2023:3248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3263","reference_id":"RHSA-2023:3263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3280","reference_id":"RHSA-2023:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3382","reference_id":"RHSA-2023:3382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3382"},{"reference_url":"https://usn.ubuntu.com/6050-1/","reference_id":"USN-6050-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6050-1/"},{"reference_url":"https://usn.ubuntu.com/6050-2/","reference_id":"USN-6050-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6050-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923216?format=json","purl":"pkg:deb/debian/git@1:2.40.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.40.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2023-29007"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ngj-sk96-kyh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51218?format=json","vulnerability_id":"VCID-9v77-vh5p-97e1","summary":"Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48385.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48385.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48385","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17645","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17781","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17744","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19407","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19411","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19559","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19354","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19269","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19077","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19066","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19021","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19364","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19307","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38393","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48385"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378808","reference_id":"2378808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2378808"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655","reference_id":"GHSA-m98c-vgpc-9655","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-08T18:38:28Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11686","reference_id":"RHSA-2025:11686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11794","reference_id":"RHSA-2025:11794","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11794"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11795","reference_id":"RHSA-2025:11795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13276","reference_id":"RHSA-2025:13276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13325","reference_id":"RHSA-2025:13325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13933","reference_id":"RHSA-2025:13933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14059","reference_id":"RHSA-2025:14059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14396","reference_id":"RHSA-2025:14396","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14396"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14853","reference_id":"RHSA-2025:14853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14858","reference_id":"RHSA-2025:14858","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14858"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15672","reference_id":"RHSA-2025:15672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15847","reference_id":"RHSA-2025:15847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15847"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923190?format=json","purl":"pkg:deb/debian/git@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923222?format=json","purl":"pkg:deb/debian/git@1:2.50.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.50.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2025-48385"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9v77-vh5p-97e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51215?format=json","vulnerability_id":"VCID-am26-gvw2-z7gw","summary":"Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46334","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00787","published_at":"2026-04-04T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00786","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00994","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00928","published_at":"2026-04-16T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00935","published_at":"2026-04-18T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00986","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00988","published_at":"2026-04-24T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00947","published_at":"2026-04-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00951","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00946","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00934","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0093","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00931","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46334"},{"reference_url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9","reference_id":"dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:14Z/"}],"url":"https://github.com/j6t/git-gui/compare/dcda716dbc9c90bcac4611bd1076747671ee0906..a1ccd2512072cf52835050f4c97a4fba9f0ec8f9"},{"reference_url":"https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx","reference_id":"GHSA-7px4-9hg2-fvhx","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-10T15:54:14Z/"}],"url":"https://github.com/j6t/git-gui/security/advisories/GHSA-7px4-9hg2-fvhx"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923190?format=json","purl":"pkg:deb/debian/git@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2025-46334"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-am26-gvw2-z7gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45594?format=json","vulnerability_id":"VCID-apjt-gm8p-q7bg","summary":"Multiple vulnerabilities have been found in Git, the worst of which\n    could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1354.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1354","reference_id":"","reference_type":"","scores":[{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96311","published_at":"2026-05-05T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96303","published_at":"2026-04-29T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96246","published_at":"2026-04-01T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96261","published_at":"2026-04-04T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96265","published_at":"2026-04-07T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96274","published_at":"2026-04-08T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96277","published_at":"2026-04-09T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96282","published_at":"2026-04-11T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96281","published_at":"2026-04-12T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96285","published_at":"2026-04-13T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96294","published_at":"2026-04-16T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96298","published_at":"2026-04-18T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.963","published_at":"2026-04-24T12:55:00Z"},{"value":"0.26102","scoring_system":"epss","scoring_elements":"0.96301","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1354"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1354"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"0","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781968","reference_id":"1781968","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781968"},{"reference_url":"https://security.archlinux.org/AVG-1074","reference_id":"AVG-1074","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1074"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1354"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apjt-gm8p-q7bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76363?format=json","vulnerability_id":"VCID-bkt1-jmy5-gbbf","summary":"git: symlink bypass","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32021.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32021","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05778","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05587","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0557","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05518","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05527","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05692","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05727","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05763","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05769","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05519","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05554","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05592","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05616","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32021"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160","reference_id":"1071160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/14/2","reference_id":"2","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/14/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280484","reference_id":"2280484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280484"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7","reference_id":"GHSA-mvxm-9j2h-qjx7","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-mvxm-9j2h-qjx7"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4083","reference_id":"RHSA-2024:4083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4084","reference_id":"RHSA-2024:4084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4368","reference_id":"RHSA-2024:4368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4368"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/","reference_id":"S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-11T20:29:23Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"},{"reference_url":"https://usn.ubuntu.com/6793-1/","reference_id":"USN-6793-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6793-1/"},{"reference_url":"https://usn.ubuntu.com/7023-1/","reference_id":"USN-7023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923217?format=json","purl":"pkg:deb/debian/git@1:2.45.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.45.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-32021"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bkt1-jmy5-gbbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59047?format=json","vulnerability_id":"VCID-bn42-x9ez-f7ee","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39253.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39253.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39253","reference_id":"","reference_type":"","scores":[{"value":"0.02579","scoring_system":"epss","scoring_elements":"0.8564","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02579","scoring_system":"epss","scoring_elements":"0.85588","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02579","scoring_system":"epss","scoring_elements":"0.85609","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02579","scoring_system":"epss","scoring_elements":"0.8562","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02579","scoring_system":"epss","scoring_elements":"0.85621","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86101","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86098","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86094","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86111","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86116","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86087","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.8604","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86057","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02794","scoring_system":"epss","scoring_elements":"0.86076","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046","reference_id":"1022046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137422","reference_id":"2137422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137422"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2319","reference_id":"RHSA-2023:2319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2859","reference_id":"RHSA-2023:2859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0407","reference_id":"RHSA-2024:0407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0407"},{"reference_url":"https://usn.ubuntu.com/5686-1/","reference_id":"USN-5686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5686-1/"},{"reference_url":"https://usn.ubuntu.com/5686-3/","reference_id":"USN-5686-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5686-3/"},{"reference_url":"https://usn.ubuntu.com/5686-4/","reference_id":"USN-5686-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5686-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923210?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923213?format=json","purl":"pkg:deb/debian/git@1:2.38.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.38.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2022-39253"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bn42-x9ez-f7ee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49808?format=json","vulnerability_id":"VCID-chdb-9uwu-67f8","summary":"Git contains multiple vulnerabilities that allow for the remote\n    execution of arbitrary code.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183147.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183147.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179121.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179121.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180763.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180763.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00059.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00059.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00060.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00061.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00061.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00071.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00071.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00074.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00074.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00076.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00076.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00077.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-04/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-04/msg00011.html"},{"reference_url":"http://pastebin.com/UX2P2jjg","reference_id":"","reference_type":"","scores":[],"url":"http://pastebin.com/UX2P2jjg"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0496.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0496.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2315.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2315.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2315","reference_id":"","reference_type":"","scores":[{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95132","published_at":"2026-05-05T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95121","published_at":"2026-04-29T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95069","published_at":"2026-04-01T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.9508","published_at":"2026-04-04T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95082","published_at":"2026-04-07T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.9509","published_at":"2026-04-08T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95093","published_at":"2026-04-09T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95099","published_at":"2026-04-11T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95101","published_at":"2026-04-12T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95104","published_at":"2026-04-13T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95113","published_at":"2026-04-16T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95115","published_at":"2026-04-18T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95118","published_at":"2026-04-24T12:55:00Z"},{"value":"0.17652","scoring_system":"epss","scoring_elements":"0.95119","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324"},{"reference_url":"https://github.com/git/git/commit/34fa79a6cde56d6d428ab0d3160cb094ebad3305","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/commit/34fa79a6cde56d6d428ab0d3160cb094ebad3305"},{"reference_url":"https://github.com/git/git/commit/de1e67d0703894cb6ea782e36abb63976ab07e60","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/commit/de1e67d0703894cb6ea782e36abb63976ab07e60"},{"reference_url":"https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.7.4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.7.4.txt"},{"reference_url":"http://www.debian.org/security/2016/dsa-3521","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3521"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/15/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/03/15/5"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/84355","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84355"},{"reference_url":"http://www.securitytracker.com/id/1035290","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035290"},{"reference_url":"http://www.ubuntu.com/usn/USN-2938-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2938-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317981","reference_id":"1317981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317981"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818318","reference_id":"818318","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818318"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2315","reference_id":"CVE-2016-2315","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2315"},{"reference_url":"https://security.gentoo.org/glsa/201605-01","reference_id":"GLSA-201605-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0496","reference_id":"RHSA-2016:0496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0497","reference_id":"RHSA-2016:0497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0497"},{"reference_url":"https://usn.ubuntu.com/2938-1/","reference_id":"USN-2938-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2938-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923194?format=json","purl":"pkg:deb/debian/git@1:2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2315"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chdb-9uwu-67f8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76361?format=json","vulnerability_id":"VCID-e33d-r9kx-aucw","summary":"git: additional local RCE","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32465.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32465","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35688","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36301","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36334","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36168","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36218","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36236","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36241","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36179","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36221","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36205","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36154","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35923","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35891","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35804","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32465"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32465","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32465"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160","reference_id":"1071160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/14/2","reference_id":"2","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/14/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280446","reference_id":"2280446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280446"},{"reference_url":"https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7","reference_id":"7b70e9efb18c2cc3f219af399bd384c5801ba1d7","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/"}],"url":"https://github.com/git/git/commit/7b70e9efb18c2cc3f219af399bd384c5801ba1d7"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4","reference_id":"GHSA-vm9j-46j9-qvq4","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-vm9j-46j9-qvq4"},{"reference_url":"https://git-scm.com/docs/git-clone","reference_id":"git-clone","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/"}],"url":"https://git-scm.com/docs/git-clone"},{"reference_url":"https://git-scm.com/docs/git#_security","reference_id":"git#_security","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/"}],"url":"https://git-scm.com/docs/git#_security"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4083","reference_id":"RHSA-2024:4083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4084","reference_id":"RHSA-2024:4084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4368","reference_id":"RHSA-2024:4368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4368"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/","reference_id":"S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T14:24:08Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"},{"reference_url":"https://usn.ubuntu.com/6793-1/","reference_id":"USN-6793-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6793-1/"},{"reference_url":"https://usn.ubuntu.com/7023-1/","reference_id":"USN-7023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923217?format=json","purl":"pkg:deb/debian/git@1:2.45.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.45.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-32465"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e33d-r9kx-aucw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34613?format=json","vulnerability_id":"VCID-fmwm-yd3f-muh3","summary":"Multiple vulnerabilities have been found in libgit2, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1350.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1350.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1350","reference_id":"","reference_type":"","scores":[{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97209","published_at":"2026-05-05T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97158","published_at":"2026-04-01T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97165","published_at":"2026-04-02T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.9717","published_at":"2026-04-04T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97171","published_at":"2026-04-07T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97181","published_at":"2026-04-08T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97186","published_at":"2026-04-11T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97187","published_at":"2026-04-13T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97195","published_at":"2026-04-16T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97197","published_at":"2026-04-18T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97201","published_at":"2026-04-24T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.37523","scoring_system":"epss","scoring_elements":"0.97204","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1350"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781958","reference_id":"1781958","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781958"},{"reference_url":"https://security.archlinux.org/AVG-1074","reference_id":"AVG-1074","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1074"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://security.gentoo.org/glsa/202003-42","reference_id":"GLSA-202003-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-42"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1350"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fmwm-yd3f-muh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58561?format=json","vulnerability_id":"VCID-frhz-f158-v7be","summary":"Multiple vulnerabilities have been found in Git which might all\n    allow attackers to access sensitive information.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00027.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"},{"reference_url":"http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/157250/Git-Credential-Helper-Protocol-Newline-Injection.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5260.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-5260.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5260","reference_id":"","reference_type":"","scores":[{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.9683","published_at":"2026-04-01T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96853","published_at":"2026-04-09T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96852","published_at":"2026-04-08T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96856","published_at":"2026-04-11T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96857","published_at":"2026-04-12T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96858","published_at":"2026-04-13T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96865","published_at":"2026-04-16T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96869","published_at":"2026-04-18T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96871","published_at":"2026-04-21T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96872","published_at":"2026-04-24T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96838","published_at":"2026-04-02T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96839","published_at":"2026-04-04T12:55:00Z"},{"value":"0.32539","scoring_system":"epss","scoring_elements":"0.96844","published_at":"2026-04-07T12:55:00Z"},{"value":"0.373","scoring_system":"epss","scoring_elements":"0.97189","published_at":"2026-04-29T12:55:00Z"},{"value":"0.373","scoring_system":"epss","scoring_elements":"0.97187","published_at":"2026-04-26T12:55:00Z"},{"value":"0.37878","scoring_system":"epss","scoring_elements":"0.9723","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-5260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5260"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/commit/9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/04/msg00010.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74Q7WVJ6FKLIN62VS2JD2XCNWK5TNKOW/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7TVS5UG6JD3MYIGSBKMIOS6AF7CR5IPI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCTR2SEHCPSCOVUQJAGFPGKFMI2VE6V/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PN3FUOXKX3AXTULYV53ACABER2W2FSOU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XPCEOIFLLEF24L6GLVJVFZX4CREDEHDF/"},{"reference_url":"https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/","reference_id":"","reference_type":"","scores":[],"url":"https://lore.kernel.org/git/xmqqy2qy7xn8.fsf%40gitster.c.googlers.com/"},{"reference_url":"https://support.apple.com/kb/HT211141","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT211141"},{"reference_url":"https://www.debian.org/security/2020/dsa-4657","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4657"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/15/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/04/15/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/15/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/04/15/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2020/04/20/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2020/04/20/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1822020","reference_id":"1822020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1822020"},{"reference_url":"https://security.archlinux.org/ASA-202004-13","reference_id":"ASA-202004-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-13"},{"reference_url":"https://security.archlinux.org/AVG-1133","reference_id":"AVG-1133","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1133"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5260","reference_id":"CVE-2020-5260","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"9.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-5260"},{"reference_url":"https://security.gentoo.org/glsa/202004-13","reference_id":"GLSA-202004-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1503","reference_id":"RHSA-2020:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1511","reference_id":"RHSA-2020:1511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1513","reference_id":"RHSA-2020:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1518","reference_id":"RHSA-2020:1518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3581","reference_id":"RHSA-2020:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3581"},{"reference_url":"https://usn.ubuntu.com/4329-1/","reference_id":"USN-4329-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4329-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923206?format=json","purl":"pkg:deb/debian/git@1:2.26.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.26.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2020-5260"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frhz-f158-v7be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44894?format=json","vulnerability_id":"VCID-h5v9-82w6-bkcq","summary":"A vulnerability in Git might allow remote attackers to bypass\n    security restrictions.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8386.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8386","reference_id":"","reference_type":"","scores":[{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98763","published_at":"2026-04-01T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98789","published_at":"2026-05-05T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98783","published_at":"2026-04-26T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98784","published_at":"2026-04-29T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98764","published_at":"2026-04-02T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98767","published_at":"2026-04-04T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98769","published_at":"2026-04-09T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.9877","published_at":"2026-04-08T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98772","published_at":"2026-04-12T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98773","published_at":"2026-04-13T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98776","published_at":"2026-04-16T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98777","published_at":"2026-04-18T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98779","published_at":"2026-04-21T12:55:00Z"},{"value":"0.7273","scoring_system":"epss","scoring_elements":"0.98782","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-8386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8386"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1450407","reference_id":"1450407","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1450407"},{"reference_url":"https://security.archlinux.org/ASA-201705-14","reference_id":"ASA-201705-14","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201705-14"},{"reference_url":"https://security.archlinux.org/AVG-267","reference_id":"AVG-267","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-267"},{"reference_url":"https://security.gentoo.org/glsa/201706-04","reference_id":"GLSA-201706-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2004","reference_id":"RHSA-2017:2004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2004"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2491","reference_id":"RHSA-2017:2491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2491"},{"reference_url":"https://usn.ubuntu.com/3287-1/","reference_id":"USN-3287-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3287-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923199?format=json","purl":"pkg:deb/debian/git@1:2.11.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.11.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2017-8386"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h5v9-82w6-bkcq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47899?format=json","vulnerability_id":"VCID-h8as-wpes-q7eq","summary":"A vulnerability has been found in libgit2 which could result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29187.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29187.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29187","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21357","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21461","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2145","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21788","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21841","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21594","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2167","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21727","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21738","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21699","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21642","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2164","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21615","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21467","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014848","reference_id":"1014848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014848"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107439","reference_id":"2107439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2107439"},{"reference_url":"https://security.archlinux.org/AVG-2778","reference_id":"AVG-2778","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2778"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://security.gentoo.org/glsa/202401-17","reference_id":"GLSA-202401-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2319","reference_id":"RHSA-2023:2319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2859","reference_id":"RHSA-2023:2859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0407","reference_id":"RHSA-2024:0407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0407"},{"reference_url":"https://usn.ubuntu.com/5511-1/","reference_id":"USN-5511-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5511-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923210?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923212?format=json","purl":"pkg:deb/debian/git@1:2.37.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.37.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2022-29187"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8as-wpes-q7eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59053?format=json","vulnerability_id":"VCID-hr22-p62n-hqd9","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25652.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25652","reference_id":"","reference_type":"","scores":[{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82742","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82753","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82779","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82756","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.8283","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82831","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82792","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82797","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82802","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01801","scoring_system":"epss","scoring_elements":"0.82785","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03387","scoring_system":"epss","scoring_elements":"0.87427","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03387","scoring_system":"epss","scoring_elements":"0.87411","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03559","scoring_system":"epss","scoring_elements":"0.87751","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03559","scoring_system":"epss","scoring_elements":"0.87738","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03559","scoring_system":"epss","scoring_elements":"0.87737","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835","reference_id":"1034835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835"},{"reference_url":"https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902","reference_id":"18e2b1cfc80990719275d7b08e6e50f3e8cbc902","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://github.com/git/git/commit/18e2b1cfc80990719275d7b08e6e50f3e8cbc902"},{"reference_url":"http://www.openwall.com/lists/oss-security/2023/04/25/2","reference_id":"2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"http://www.openwall.com/lists/oss-security/2023/04/25/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188333","reference_id":"2188333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188333"},{"reference_url":"https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e","reference_id":"668f2d53613ac8fd373926ebe219f2c29112d93e","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://github.com/git/git/commit/668f2d53613ac8fd373926ebe219f2c29112d93e"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/","reference_id":"BSXOGVVBJLYX26IAYX6PJSYQB36BREWH","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BSXOGVVBJLYX26IAYX6PJSYQB36BREWH/"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx","reference_id":"GHSA-2hvf-7c8p-28fx","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-2hvf-7c8p-28fx"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/","reference_id":"PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PI7FZ4NNR5S5J5K6AMVQBH2JFP6NE4L7/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3192","reference_id":"RHSA-2023:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3243","reference_id":"RHSA-2023:3243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3245","reference_id":"RHSA-2023:3245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3246","reference_id":"RHSA-2023:3246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3247","reference_id":"RHSA-2023:3247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3248","reference_id":"RHSA-2023:3248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3263","reference_id":"RHSA-2023:3263","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3263"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3280","reference_id":"RHSA-2023:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3382","reference_id":"RHSA-2023:3382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3382"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/","reference_id":"RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKOXOAZ42HLXHXTW6JZI4L5DAIYDTYCU/"},{"reference_url":"https://usn.ubuntu.com/6050-1/","reference_id":"USN-6050-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6050-1/"},{"reference_url":"https://usn.ubuntu.com/6050-2/","reference_id":"USN-6050-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6050-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/","reference_id":"YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-05T19:56:20Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YFZWGQKB6MM5MNF2DLFTD7KS2KWPICKL/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923216?format=json","purl":"pkg:deb/debian/git@1:2.40.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.40.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25652"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hr22-p62n-hqd9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6031?format=json","vulnerability_id":"VCID-j1c4-rux6-wygr","summary":"Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.","references":[{"reference_url":"http://article.gmane.org/gmane.linux.kernel/1853266","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://article.gmane.org/gmane.linux.kernel/1853266"},{"reference_url":"http://git-blame.blogspot.com/2014/12/git-1856-195-205-214-and-221-and.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://git-blame.blogspot.com/2014/12/git-1856-195-205-214-and-221-and.html"},{"reference_url":"http://mercurial.selenic.com/wiki/WhatsNew","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://mercurial.selenic.com/wiki/WhatsNew"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9390.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9390.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9390","reference_id":"","reference_type":"","scores":[{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98986","published_at":"2026-05-05T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98961","published_at":"2026-04-01T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98962","published_at":"2026-04-02T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98965","published_at":"2026-04-04T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98967","published_at":"2026-04-07T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98968","published_at":"2026-04-09T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.9897","published_at":"2026-04-13T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98972","published_at":"2026-04-18T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98973","published_at":"2026-04-21T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98977","published_at":"2026-04-24T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.98978","published_at":"2026-04-26T12:55:00Z"},{"value":"0.77155","scoring_system":"epss","scoring_elements":"0.9898","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9390"},{"reference_url":"http://securitytracker.com/id?1031404","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://securitytracker.com/id?1031404"},{"reference_url":"https://github.com/blog/1938-git-client-vulnerability-announced","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/blog/1938-git-client-vulnerability-announced"},{"reference_url":"https://github.com/blog/1938-vulnerability-announced-update-your-git-clients","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/blog/1938-vulnerability-announced-update-your-git-clients"},{"reference_url":"https://github.com/libgit2/libgit2/commit/928429c5c96a701bcbcafacb2421a82602b36915","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/libgit2/libgit2/commit/928429c5c96a701bcbcafacb2421a82602b36915"},{"reference_url":"https://github.com/libgit2/libgit2/releases/tag/v0.21.3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libgit2/libgit2/releases/tag/v0.21.3"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2020-217.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2020-217.yaml"},{"reference_url":"https://libgit2.org/security","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://libgit2.org/security"},{"reference_url":"https://libgit2.org/security/","reference_id":"","reference_type":"","scores":[],"url":"https://libgit2.org/security/"},{"reference_url":"https://news.ycombinator.com/item?id=8769667","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://news.ycombinator.com/item?id=8769667"},{"reference_url":"https://projects.eclipse.org/projects/technology.jgit/releases/3.5.3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://projects.eclipse.org/projects/technology.jgit/releases/3.5.3"},{"reference_url":"http://support.apple.com/kb/HT204147","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://support.apple.com/kb/HT204147"},{"reference_url":"https://web.archive.org/web/20211204220400/https://securitytracker.com/id?1031404","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20211204220400/https://securitytracker.com/id?1031404"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1175960","reference_id":"1175960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1175960"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773640","reference_id":"773640","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773640"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774048","reference_id":"774048","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774048"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774050","reference_id":"774050","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774050"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9390","reference_id":"CVE-2014-9390","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9390"},{"reference_url":"https://github.com/advisories/GHSA-6vvc-c2m3-cjf3","reference_id":"GHSA-6vvc-c2m3-cjf3","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6vvc-c2m3-cjf3"},{"reference_url":"https://security.gentoo.org/glsa/201509-06","reference_id":"GLSA-201509-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201509-06"},{"reference_url":"https://usn.ubuntu.com/2470-1/","reference_id":"USN-2470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923191?format=json","purl":"pkg:deb/debian/git@1:2.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2014-9390","GHSA-6vvc-c2m3-cjf3","PYSEC-2020-217"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j1c4-rux6-wygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76362?format=json","vulnerability_id":"VCID-k8kg-z578-kbdu","summary":"git: insecure hardlinks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32020.json","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32020","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37114","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37596","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37648","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37661","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37674","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37641","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37613","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3766","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37577","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37341","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37321","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37231","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37717","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32020"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160","reference_id":"1071160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160"},{"reference_url":"https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d","reference_id":"1204e1a824c34071019fe106348eaa6d88f9528d","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/"}],"url":"https://github.com/git/git/commit/1204e1a824c34071019fe106348eaa6d88f9528d"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/14/2","reference_id":"2","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/14/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280466","reference_id":"2280466","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280466"},{"reference_url":"https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703","reference_id":"9e65df5eab274bf74c7b570107aacd1303a1e703","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/"}],"url":"https://github.com/git/git/commit/9e65df5eab274bf74c7b570107aacd1303a1e703"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj","reference_id":"GHSA-5rfh-556j-fhgj","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-5rfh-556j-fhgj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4083","reference_id":"RHSA-2024:4083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4084","reference_id":"RHSA-2024:4084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4368","reference_id":"RHSA-2024:4368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4368"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/","reference_id":"S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-15T14:32:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"},{"reference_url":"https://usn.ubuntu.com/6793-1/","reference_id":"USN-6793-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6793-1/"},{"reference_url":"https://usn.ubuntu.com/7023-1/","reference_id":"USN-7023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923217?format=json","purl":"pkg:deb/debian/git@1:2.45.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.45.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-32020"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k8kg-z578-kbdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45573?format=json","vulnerability_id":"VCID-m5ss-32kw-tyf7","summary":"Multiple vulnerabilities have been found in Git, the worst of which\n    could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1351.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1351.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1351","reference_id":"","reference_type":"","scores":[{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95889","published_at":"2026-05-05T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.9582","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95828","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95837","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95839","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95848","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95851","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95854","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95855","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95867","published_at":"2026-04-16T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95872","published_at":"2026-04-18T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95875","published_at":"2026-04-21T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95876","published_at":"2026-04-26T12:55:00Z"},{"value":"0.22642","scoring_system":"epss","scoring_elements":"0.95877","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1351"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781960","reference_id":"1781960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781960"},{"reference_url":"https://security.archlinux.org/AVG-1074","reference_id":"AVG-1074","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1074"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1351"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m5ss-32kw-tyf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69339?format=json","vulnerability_id":"VCID-m64b-xncz-6khh","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14867.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14867","reference_id":"","reference_type":"","scores":[{"value":"0.06534","scoring_system":"epss","scoring_elements":"0.9117","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06534","scoring_system":"epss","scoring_elements":"0.91147","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06534","scoring_system":"epss","scoring_elements":"0.9115","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06534","scoring_system":"epss","scoring_elements":"0.91164","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06534","scoring_system":"epss","scoring_elements":"0.91161","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06534","scoring_system":"epss","scoring_elements":"0.91156","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91406","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91423","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91435","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91441","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91447","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.9145","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91449","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91473","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.914","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06968","scoring_system":"epss","scoring_elements":"0.91415","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14867"},{"reference_url":"https://bugs.debian.org/876854","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.debian.org/876854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14867"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-security-announce/2017/msg00246.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-security-announce/2017/msg00246.html"},{"reference_url":"https://public-inbox.org/git/xmqqy3p29ekj.fsf%40gitster.mtv.corp.google.com/T/#u","reference_id":"","reference_type":"","scores":[],"url":"https://public-inbox.org/git/xmqqy3p29ekj.fsf%40gitster.mtv.corp.google.com/T/#u"},{"reference_url":"https://www.debian.org/security/2017/dsa-3984","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3984"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/09/26/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/09/26/9"},{"reference_url":"http://www.securityfocus.com/bid/101060","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101060"},{"reference_url":"http://www.securitytracker.com/id/1039431","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039431"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1496344","reference_id":"1496344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1496344"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876854","reference_id":"876854","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876854"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.12.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.13.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.14.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14867","reference_id":"CVE-2017-14867","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:C/I:C/A:C"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14867"},{"reference_url":"https://usn.ubuntu.com/3438-1/","reference_id":"USN-3438-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3438-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923197?format=json","purl":"pkg:deb/debian/git@1:2.14.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.14.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2017-14867"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m64b-xncz-6khh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59048?format=json","vulnerability_id":"VCID-mhs7-a1hp-dqa3","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39260.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39260.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39260","reference_id":"","reference_type":"","scores":[{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79489","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84499","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.8452","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84526","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84545","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84539","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84535","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84556","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84557","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84583","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84592","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84594","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.8461","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02232","scoring_system":"epss","scoring_elements":"0.84497","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23521"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39260"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046","reference_id":"1022046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022046"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137423","reference_id":"2137423","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2137423"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2319","reference_id":"RHSA-2023:2319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2859","reference_id":"RHSA-2023:2859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0407","reference_id":"RHSA-2024:0407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0407"},{"reference_url":"https://usn.ubuntu.com/5686-1/","reference_id":"USN-5686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5686-1/"},{"reference_url":"https://usn.ubuntu.com/5686-2/","reference_id":"USN-5686-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5686-2/"},{"reference_url":"https://usn.ubuntu.com/5686-3/","reference_id":"USN-5686-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5686-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923210?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923213?format=json","purl":"pkg:deb/debian/git@1:2.38.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.38.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2022-39260"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhs7-a1hp-dqa3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45580?format=json","vulnerability_id":"VCID-mzyt-2sh3-wydh","summary":"Multiple vulnerabilities have been found in Git, the worst of which\n    could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1352.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1352","reference_id":"","reference_type":"","scores":[{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93472","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93435","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93436","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93455","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.9346","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93466","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93469","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93465","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93429","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11038","scoring_system":"epss","scoring_elements":"0.93434","published_at":"2026-04-11T12:55:00Z"},{"value":"0.11847","scoring_system":"epss","scoring_elements":"0.93707","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11847","scoring_system":"epss","scoring_elements":"0.93719","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11847","scoring_system":"epss","scoring_elements":"0.93687","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11847","scoring_system":"epss","scoring_elements":"0.93697","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11847","scoring_system":"epss","scoring_elements":"0.9371","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781963","reference_id":"1781963","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781963"},{"reference_url":"https://security.archlinux.org/ASA-201912-5","reference_id":"ASA-201912-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-5"},{"reference_url":"https://security.archlinux.org/ASA-201912-6","reference_id":"ASA-201912-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-6"},{"reference_url":"https://security.archlinux.org/AVG-1073","reference_id":"AVG-1073","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1073"},{"reference_url":"https://security.archlinux.org/AVG-1075","reference_id":"AVG-1075","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1075"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4356","reference_id":"RHSA-2019:4356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0002","reference_id":"RHSA-2020:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0228","reference_id":"RHSA-2020:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0228"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1352"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzyt-2sh3-wydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86775?format=json","vulnerability_id":"VCID-nemc-fwmj-wyh5","summary":"git: Incorrect IMAP server's SSL x509.v3 certificate validation in git-imap-send command","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701586","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701586"},{"reference_url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2013/Sep/msg00007.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00005.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00007.html"},{"reference_url":"http://marc.info/?l=git&m=136134619013145&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=git&m=136134619013145&w=2"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0589.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0589.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0308.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0308","reference_id":"","reference_type":"","scores":[{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77563","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77424","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.7745","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77429","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77459","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77469","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77495","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77475","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77472","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77511","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77508","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.775","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77535","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77541","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01044","scoring_system":"epss","scoring_elements":"0.77556","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0308"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=804730","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=804730"},{"reference_url":"http://secunia.com/advisories/52361","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52361"},{"reference_url":"http://secunia.com/advisories/52443","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52443"},{"reference_url":"http://secunia.com/advisories/52467","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52467"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/82329","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/82329"},{"reference_url":"https://raw.github.com/git/git/master/Documentation/RelNotes/1.8.1.4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://raw.github.com/git/git/master/Documentation/RelNotes/1.8.1.4.txt"},{"reference_url":"http://support.apple.com/kb/HT5937","reference_id":"","reference_type":"","scores":[],"url":"http://support.apple.com/kb/HT5937"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"},{"reference_url":"http://www.securityfocus.com/bid/58148","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/58148"},{"reference_url":"http://www.securitytracker.com/id/1028205","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1028205"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909977","reference_id":"909977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909977"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0308","reference_id":"CVE-2013-0308","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0589","reference_id":"RHSA-2013:0589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0589"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923190?format=json","purl":"pkg:deb/debian/git@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2013-0308"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nemc-fwmj-wyh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87543?format=json","vulnerability_id":"VCID-pdhy-n3zb-u3en","summary":"(gitweb): XSS due to missing escaping of HTML element attributes","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052518.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052782.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3906.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3906","reference_id":"","reference_type":"","scores":[{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94341","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94273","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94282","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94293","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94294","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94303","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94308","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94312","published_at":"2026-04-11T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94313","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94314","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94329","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94334","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94338","published_at":"2026-04-24T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94337","published_at":"2026-04-26T12:55:00Z"},{"value":"0.13918","scoring_system":"epss","scoring_elements":"0.94336","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3906"},{"reference_url":"http://secunia.com/advisories/42645","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42645"},{"reference_url":"http://secunia.com/advisories/42731","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42731"},{"reference_url":"http://secunia.com/advisories/42743","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42743"},{"reference_url":"http://secunia.com/advisories/43457","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43457"},{"reference_url":"http://www.exploit-db.com/exploits/15744","reference_id":"","reference_type":"","scores":[],"url":"http://www.exploit-db.com/exploits/15744"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:256","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:256"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-1003.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2010-1003.html"},{"reference_url":"http://www.securityfocus.com/bid/45439","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/45439"},{"reference_url":"http://www.securitytracker.com/id?1024905","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1024905"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3323","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/3323"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0010","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0010"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0464","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0464"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=663609","reference_id":"663609","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=663609"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9j:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:0.99.9j:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9j:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9k:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:0.99.9k:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9k:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9l:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:0.99.9l:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9l:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9m:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:0.99.9m:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9m:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9n:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:0.99.9n:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:0.99.9n:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.0b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.0b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.0b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.0.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.0.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.4.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.4.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.0:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.3:rc7:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc1.1136.g2794:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc5:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.4:rc5:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.4:rc5:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.3:r1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.5:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.5:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:rc0:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.6:rc0:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:rc0:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.6:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.5.6.6:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.5.6.6:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.0:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.0:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.1:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.1:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.1:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.1:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.3:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc2:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.3:rc2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc3:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.3:rc3:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc3:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.6.3:rc4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.6.3:rc4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git:git:1.7.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git:git:1.7.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:0.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:0.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.03:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:0.03:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.03:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:0.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:0.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:0.7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:0.7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3906","reference_id":"CVE-2010-3906","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-3906"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/15744.txt","reference_id":"CVE-2010-3906;OSVDB-69929","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/cgi/webapps/15744.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:1003","reference_id":"RHSA-2010:1003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:1003"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923186?format=json","purl":"pkg:deb/debian/git@1:1.7.2.3-2.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:1.7.2.3-2.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3906"],"risk_score":7.8,"exploitability":"2.0","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdhy-n3zb-u3en"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45504?format=json","vulnerability_id":"VCID-r377-hfyz-pkgz","summary":"Multiple vulnerabilities have been found in Git, the worst of which\n    could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19486.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19486.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19486","reference_id":"","reference_type":"","scores":[{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71165","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71174","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71191","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71166","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71208","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71222","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71244","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.7123","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.7126","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71267","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71297","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71305","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71309","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71294","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19486"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19486","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19486"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653143","reference_id":"1653143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1653143"},{"reference_url":"https://security.gentoo.org/glsa/201904-13","reference_id":"GLSA-201904-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201904-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3800","reference_id":"RHSA-2018:3800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3800"},{"reference_url":"https://usn.ubuntu.com/3829-1/","reference_id":"USN-3829-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3829-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923202?format=json","purl":"pkg:deb/debian/git@1:2.19.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.19.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19486"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r377-hfyz-pkgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76360?format=json","vulnerability_id":"VCID-rq4n-gfwv-uqbb","summary":"git: RCE while cloning local repos","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32004.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32004","reference_id":"","reference_type":"","scores":[{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85212","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85138","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.8515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85168","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85169","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85191","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.852","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02428","scoring_system":"epss","scoring_elements":"0.85198","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02631","scoring_system":"epss","scoring_elements":"0.85667","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02631","scoring_system":"epss","scoring_elements":"0.85623","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02631","scoring_system":"epss","scoring_elements":"0.85641","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02631","scoring_system":"epss","scoring_elements":"0.85648","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32004"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160","reference_id":"1071160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/14/2","reference_id":"2","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/14/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280428","reference_id":"2280428","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280428"},{"reference_url":"https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8","reference_id":"f4aa8c8bb11dae6e769cd930565173808cbb69c8","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/"}],"url":"https://github.com/git/git/commit/f4aa8c8bb11dae6e769cd930565173808cbb69c8"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389","reference_id":"GHSA-xfc6-vwr8-r389","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-xfc6-vwr8-r389"},{"reference_url":"https://git-scm.com/docs/git-clone","reference_id":"git-clone","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/"}],"url":"https://git-scm.com/docs/git-clone"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4083","reference_id":"RHSA-2024:4083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4084","reference_id":"RHSA-2024:4084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4368","reference_id":"RHSA-2024:4368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4579","reference_id":"RHSA-2024:4579","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6027","reference_id":"RHSA-2024:6027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6028","reference_id":"RHSA-2024:6028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6610","reference_id":"RHSA-2024:6610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6610"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7701","reference_id":"RHSA-2024:7701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7701"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/","reference_id":"S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-15T17:59:29Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"},{"reference_url":"https://usn.ubuntu.com/6793-1/","reference_id":"USN-6793-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6793-1/"},{"reference_url":"https://usn.ubuntu.com/7023-1/","reference_id":"USN-7023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923217?format=json","purl":"pkg:deb/debian/git@1:2.45.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.45.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-32004"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rq4n-gfwv-uqbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56164?format=json","vulnerability_id":"VCID-skd8-z2m9-5yb4","summary":"A vulnerability has been found in Git that could allow a remote\n    attacker to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21300.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-21300.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21300","reference_id":"","reference_type":"","scores":[{"value":"0.58739","scoring_system":"epss","scoring_elements":"0.98225","published_at":"2026-04-29T12:55:00Z"},{"value":"0.58739","scoring_system":"epss","scoring_elements":"0.98226","published_at":"2026-04-26T12:55:00Z"},{"value":"0.58739","scoring_system":"epss","scoring_elements":"0.98223","published_at":"2026-04-24T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.98333","published_at":"2026-04-07T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.98338","published_at":"2026-04-09T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.98342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.98346","published_at":"2026-04-16T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.98341","published_at":"2026-04-11T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.98326","published_at":"2026-04-01T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.98328","published_at":"2026-04-02T12:55:00Z"},{"value":"0.61881","scoring_system":"epss","scoring_elements":"0.9833","published_at":"2026-04-04T12:55:00Z"},{"value":"0.64457","scoring_system":"epss","scoring_elements":"0.98457","published_at":"2026-04-21T12:55:00Z"},{"value":"0.64457","scoring_system":"epss","scoring_elements":"0.98456","published_at":"2026-04-18T12:55:00Z"},{"value":"0.64457","scoring_system":"epss","scoring_elements":"0.98466","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21300"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935158","reference_id":"1935158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935158"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985120","reference_id":"985120","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985120"},{"reference_url":"https://security.archlinux.org/ASA-202103-3","reference_id":"ASA-202103-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202103-3"},{"reference_url":"https://security.archlinux.org/AVG-1665","reference_id":"AVG-1665","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1665"},{"reference_url":"https://security.gentoo.org/glsa/202104-01","reference_id":"GLSA-202104-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202104-01"},{"reference_url":"https://usn.ubuntu.com/4761-1/","reference_id":"USN-4761-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4761-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923207?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2021-21300"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skd8-z2m9-5yb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58560?format=json","vulnerability_id":"VCID-smnt-catx-23e8","summary":"Multiple vulnerabilities have been found in Git which might all\n    allow attackers to access sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11008.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11008.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11008","reference_id":"","reference_type":"","scores":[{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84417","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84498","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84492","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84488","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84509","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84511","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84538","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84451","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84453","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.84474","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02219","scoring_system":"epss","scoring_elements":"0.8448","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02244","scoring_system":"epss","scoring_elements":"0.84627","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02244","scoring_system":"epss","scoring_elements":"0.84629","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02279","scoring_system":"epss","scoring_elements":"0.8475","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11008"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1826001","reference_id":"1826001","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1826001"},{"reference_url":"https://security.archlinux.org/ASA-202004-21","reference_id":"ASA-202004-21","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202004-21"},{"reference_url":"https://security.archlinux.org/AVG-1138","reference_id":"AVG-1138","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1138"},{"reference_url":"https://security.gentoo.org/glsa/202004-13","reference_id":"GLSA-202004-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202004-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1975","reference_id":"RHSA-2020:1975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1978","reference_id":"RHSA-2020:1978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1979","reference_id":"RHSA-2020:1979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1980","reference_id":"RHSA-2020:1980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2337","reference_id":"RHSA-2020:2337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3581","reference_id":"RHSA-2020:3581","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3581"},{"reference_url":"https://usn.ubuntu.com/4334-1/","reference_id":"USN-4334-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4334-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923205?format=json","purl":"pkg:deb/debian/git@1:2.26.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.26.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2020-11008"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smnt-catx-23e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59431?format=json","vulnerability_id":"VCID-u6dy-wczq-pbgr","summary":"Git contains multiple vulnerabilities that allow for the remote\n    execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11233.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11233","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52744","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52857","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52794","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52762","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52813","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52806","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52841","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52825","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52862","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52869","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52768","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54122","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54218","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54197","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54173","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11233"},{"reference_url":"https://marc.info/?l=git&m=152761328506724&w=2","reference_id":"","reference_type":"","scores":[],"url":"https://marc.info/?l=git&m=152761328506724&w=2"},{"reference_url":"http://www.securityfocus.com/bid/104346","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104346"},{"reference_url":"http://www.securitytracker.com/id/1040991","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1040991"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583888","reference_id":"1583888","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583888"},{"reference_url":"https://security.archlinux.org/ASA-201806-1","reference_id":"ASA-201806-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201806-1"},{"reference_url":"https://security.archlinux.org/AVG-711","reference_id":"AVG-711","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-711"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11233","reference_id":"CVE-2018-11233","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:N"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11233"},{"reference_url":"https://security.gentoo.org/glsa/201805-13","reference_id":"GLSA-201805-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201805-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:2147","reference_id":"RHSA-2018:2147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:2147"},{"reference_url":"https://usn.ubuntu.com/3671-1/","reference_id":"USN-3671-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3671-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923200?format=json","purl":"pkg:deb/debian/git@1:2.17.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.17.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2018-11233"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u6dy-wczq-pbgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45558?format=json","vulnerability_id":"VCID-uea5-m2b8-3kc4","summary":"Multiple vulnerabilities have been found in Git, the worst of which\n    could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1349.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1349.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1349","reference_id":"","reference_type":"","scores":[{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96487","published_at":"2026-04-01T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96541","published_at":"2026-05-05T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96532","published_at":"2026-04-26T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96534","published_at":"2026-04-29T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.965","published_at":"2026-04-04T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96504","published_at":"2026-04-07T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96512","published_at":"2026-04-08T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96514","published_at":"2026-04-09T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96518","published_at":"2026-04-12T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96521","published_at":"2026-04-13T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96527","published_at":"2026-04-16T12:55:00Z"},{"value":"0.28407","scoring_system":"epss","scoring_elements":"0.96533","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781143","reference_id":"1781143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781143"},{"reference_url":"https://security.archlinux.org/ASA-201912-5","reference_id":"ASA-201912-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-5"},{"reference_url":"https://security.archlinux.org/ASA-201912-6","reference_id":"ASA-201912-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-6"},{"reference_url":"https://security.archlinux.org/AVG-1073","reference_id":"AVG-1073","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1073"},{"reference_url":"https://security.archlinux.org/AVG-1075","reference_id":"AVG-1075","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1075"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4356","reference_id":"RHSA-2019:4356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0002","reference_id":"RHSA-2020:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0228","reference_id":"RHSA-2020:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0228"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1349"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uea5-m2b8-3kc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59054?format=json","vulnerability_id":"VCID-usx6-t5ns-t3bb","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25815.json","reference_id":"","reference_type":"","scores":[{"value":"2.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25815","reference_id":"","reference_type":"","scores":[{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27503","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27571","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27614","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27619","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27574","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27518","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27525","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27498","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27459","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27412","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27309","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27234","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27065","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25815"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835","reference_id":"1034835","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188337","reference_id":"2188337","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2188337"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3192","reference_id":"RHSA-2023:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3243","reference_id":"RHSA-2023:3243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3245","reference_id":"RHSA-2023:3245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3246","reference_id":"RHSA-2023:3246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3247","reference_id":"RHSA-2023:3247","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3247"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3248","reference_id":"RHSA-2023:3248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3280","reference_id":"RHSA-2023:3280","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3280"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3382","reference_id":"RHSA-2023:3382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3382"},{"reference_url":"https://usn.ubuntu.com/6050-1/","reference_id":"USN-6050-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6050-1/"},{"reference_url":"https://usn.ubuntu.com/7023-1/","reference_id":"USN-7023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923216?format=json","purl":"pkg:deb/debian/git@1:2.40.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.40.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2023-25815"],"risk_score":1.0,"exploitability":"0.5","weighted_severity":"2.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-usx6-t5ns-t3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76359?format=json","vulnerability_id":"VCID-uszr-cr35-r7gr","summary":"git: Recursive clones RCE","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32002.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-32002.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32002","reference_id":"","reference_type":"","scores":[{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99135","published_at":"2026-05-05T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99115","published_at":"2026-04-02T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99118","published_at":"2026-04-04T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99122","published_at":"2026-04-09T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99123","published_at":"2026-04-13T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99125","published_at":"2026-04-16T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99126","published_at":"2026-04-18T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99131","published_at":"2026-04-24T12:55:00Z"},{"value":"0.80377","scoring_system":"epss","scoring_elements":"0.99132","published_at":"2026-04-29T12:55:00Z"},{"value":"0.8064","scoring_system":"epss","scoring_elements":"0.99143","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-32002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32002"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160","reference_id":"1071160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1071160"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/05/14/2","reference_id":"2","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/05/14/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280421","reference_id":"2280421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2280421"},{"reference_url":"https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d","reference_id":"97065761333fd62db1912d81b489db938d8c991d","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/"}],"url":"https://github.com/git/git/commit/97065761333fd62db1912d81b489db938d8c991d"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv","reference_id":"GHSA-8h77-4q3w-gfgv","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-8h77-4q3w-gfgv"},{"reference_url":"https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt","reference_id":"git-clone.txt---recurse-submodulesltpathspecgt","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/"}],"url":"https://git-scm.com/docs/git-clone#Documentation/git-clone.txt---recurse-submodulesltpathspecgt"},{"reference_url":"https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks","reference_id":"git-config.txt-coresymlinks","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/"}],"url":"https://git-scm.com/docs/git-config#Documentation/git-config.txt-coresymlinks"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html","reference_id":"msg00018.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00018.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4083","reference_id":"RHSA-2024:4083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4084","reference_id":"RHSA-2024:4084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4368","reference_id":"RHSA-2024:4368","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4368"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4579","reference_id":"RHSA-2024:4579","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6027","reference_id":"RHSA-2024:6027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6028","reference_id":"RHSA-2024:6028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6610","reference_id":"RHSA-2024:6610","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6610"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/","reference_id":"S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-29T14:18:00Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S4CK4IYTXEOBZTEM5K3T6LWOIZ3S44AR/"},{"reference_url":"https://usn.ubuntu.com/6793-1/","reference_id":"USN-6793-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6793-1/"},{"reference_url":"https://usn.ubuntu.com/6793-2/","reference_id":"USN-6793-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6793-2/"},{"reference_url":"https://usn.ubuntu.com/7023-1/","reference_id":"USN-7023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7023-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923204?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923215?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923217?format=json","purl":"pkg:deb/debian/git@1:2.45.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.45.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-32002"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uszr-cr35-r7gr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49807?format=json","vulnerability_id":"VCID-uysk-79k5-ayhz","summary":"Git contains multiple vulnerabilities that allow for the remote\n    execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-11/msg00066.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2015-11/msg00066.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-2515.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-2515.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7545.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7545.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7545","reference_id":"","reference_type":"","scores":[{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97036","published_at":"2026-05-05T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97032","published_at":"2026-04-26T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97033","published_at":"2026-04-29T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.96984","published_at":"2026-04-01T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.96992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.96996","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.96998","published_at":"2026-04-07T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97007","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97008","published_at":"2026-04-09T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97011","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97012","published_at":"2026-04-12T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97022","published_at":"2026-04-16T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97025","published_at":"2026-04-18T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.97029","published_at":"2026-04-21T12:55:00Z"},{"value":"0.34729","scoring_system":"epss","scoring_elements":"0.9703","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7545"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.3.10.txt","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.3.10.txt"},{"reference_url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.4.10.txt","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.4.10.txt"},{"reference_url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.5.4.txt"},{"reference_url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.6.1.txt","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/blob/master/Documentation/RelNotes/2.6.1.txt"},{"reference_url":"https://kernel.googlesource.com/pub/scm/git/git/+/33cfccbbf35a56e190b79bdec5c85457c952a021","reference_id":"","reference_type":"","scores":[],"url":"https://kernel.googlesource.com/pub/scm/git/git/+/33cfccbbf35a56e190b79bdec5c85457c952a021"},{"reference_url":"https://lkml.org/lkml/2015/10/5/683","reference_id":"","reference_type":"","scores":[],"url":"https://lkml.org/lkml/2015/10/5/683"},{"reference_url":"http://www.debian.org/security/2016/dsa-3435","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3435"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/08/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/08/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/09/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/09/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/11/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/11/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/78711","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/78711"},{"reference_url":"http://www.securitytracker.com/id/1034501","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1034501"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.533255","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.533255"},{"reference_url":"http://www.ubuntu.com/usn/USN-2835-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2835-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1269794","reference_id":"1269794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1269794"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.4.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.4.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.5.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.5.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git_project:git:2.6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git_project:git:2.6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7545","reference_id":"CVE-2015-7545","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7545"},{"reference_url":"https://security.gentoo.org/glsa/201605-01","reference_id":"GLSA-201605-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2515","reference_id":"RHSA-2015:2515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2561","reference_id":"RHSA-2015:2561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2561"},{"reference_url":"https://usn.ubuntu.com/2835-1/","reference_id":"USN-2835-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2835-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923193?format=json","purl":"pkg:deb/debian/git@1:2.6.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.6.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2015-7545"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uysk-79k5-ayhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59051?format=json","vulnerability_id":"VCID-v84q-w7ye-c7d3","summary":"Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22490.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22490.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22490","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33319","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33517","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33432","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3707","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39159","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39171","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39115","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39169","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39139","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52419","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52437","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0029","scoring_system":"epss","scoring_elements":"0.52391","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23946"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310","reference_id":"1031310","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031310"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2168160","reference_id":"2168160","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2168160"},{"reference_url":"https://security.gentoo.org/glsa/202312-15","reference_id":"GLSA-202312-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202312-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3245","reference_id":"RHSA-2023:3245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3246","reference_id":"RHSA-2023:3246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0407","reference_id":"RHSA-2024:0407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0407"},{"reference_url":"https://usn.ubuntu.com/5871-1/","reference_id":"USN-5871-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5871-1/"},{"reference_url":"https://usn.ubuntu.com/5871-2/","reference_id":"USN-5871-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5871-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923214?format=json","purl":"pkg:deb/debian/git@1:2.39.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2023-22490"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v84q-w7ye-c7d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49809?format=json","vulnerability_id":"VCID-vjnp-dnar-p7gy","summary":"Git contains multiple vulnerabilities that allow for the remote\n    execution of arbitrary code.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183147.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183147.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179121.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/179121.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180763.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/180763.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00059.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00059.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00060.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00060.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00061.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00061.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00062.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00062.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00071.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00071.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00074.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00074.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00076.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00076.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00077.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-04/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-04/msg00011.html"},{"reference_url":"http://pastebin.com/UX2P2jjg","reference_id":"","reference_type":"","scores":[],"url":"http://pastebin.com/UX2P2jjg"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-0496.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-0496.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2324.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2324.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2324","reference_id":"","reference_type":"","scores":[{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95814","published_at":"2026-05-05T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95802","published_at":"2026-04-26T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95801","published_at":"2026-04-29T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95748","published_at":"2026-04-01T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95757","published_at":"2026-04-02T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95765","published_at":"2026-04-04T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95767","published_at":"2026-04-07T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95776","published_at":"2026-04-08T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95779","published_at":"2026-04-09T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95783","published_at":"2026-04-11T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95782","published_at":"2026-04-12T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95784","published_at":"2026-04-13T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95794","published_at":"2026-04-16T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.95798","published_at":"2026-04-18T12:55:00Z"},{"value":"0.2205","scoring_system":"epss","scoring_elements":"0.958","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2324"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2324"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/git/git/commit/de1e67d0703894cb6ea782e36abb63976ab07e60","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/git/git/commit/de1e67d0703894cb6ea782e36abb63976ab07e60"},{"reference_url":"https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.7.4.txt","reference_id":"","reference_type":"","scores":[],"url":"https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.7.4.txt"},{"reference_url":"http://www.debian.org/security/2016/dsa-3521","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3521"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/03/15/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/03/15/5"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"reference_url":"http://www.securityfocus.com/bid/84355","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/84355"},{"reference_url":"http://www.securitytracker.com/id/1035290","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035290"},{"reference_url":"http://www.ubuntu.com/usn/USN-2938-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2938-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317981","reference_id":"1317981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1317981"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818318","reference_id":"818318","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818318"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_server:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp4:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2324","reference_id":"CVE-2016-2324","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-2324"},{"reference_url":"https://security.gentoo.org/glsa/201605-01","reference_id":"GLSA-201605-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0496","reference_id":"RHSA-2016:0496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0497","reference_id":"RHSA-2016:0497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0497"},{"reference_url":"https://usn.ubuntu.com/2938-1/","reference_id":"USN-2938-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2938-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923195?format=json","purl":"pkg:deb/debian/git@1:2.8.0~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.8.0~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2016-2324"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjnp-dnar-p7gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72114?format=json","vulnerability_id":"VCID-wgzc-r8rd-t3dx","summary":"git: Newline confusion in credential helpers can lead to credential exfiltration in git","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52006.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-52006.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-52006","reference_id":"","reference_type":"","scores":[{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77227","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77259","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77267","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77295","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77274","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77272","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77311","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77303","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77337","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77343","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77355","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77216","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01025","scoring_system":"epss","scoring_elements":"0.77245","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01291","scoring_system":"epss","scoring_elements":"0.79762","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-52006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52006"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042","reference_id":"1093042","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1093042"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337956","reference_id":"2337956","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2337956"},{"reference_url":"https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060","reference_id":"b01b9b81d36759cdcd07305e78765199e1bc2060","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/"}],"url":"https://github.com/git/git/commit/b01b9b81d36759cdcd07305e78765199e1bc2060"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q","reference_id":"GHSA-qm7j-c969-7j4q","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q"},{"reference_url":"https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp","reference_id":"GHSA-r5ph-xg7q-xfrp","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-14T18:52:03Z/"}],"url":"https://github.com/git/git/security/advisories/GHSA-r5ph-xg7q-xfrp"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7207-1/","reference_id":"USN-7207-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7207-1/"},{"reference_url":"https://usn.ubuntu.com/7207-2/","reference_id":"USN-7207-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7207-2/"},{"reference_url":"https://usn.ubuntu.com/7964-1/","reference_id":"USN-7964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923219?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923218?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923220?format=json","purl":"pkg:deb/debian/git@1:2.47.2-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.2-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2024-52006"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgzc-r8rd-t3dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51213?format=json","vulnerability_id":"VCID-x8he-nt8f-57fk","summary":"Multiple vulnerabilities have been discovered in Git, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27613.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27613","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01442","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0144","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01977","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01957","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01959","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02041","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02025","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02059","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01995","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01997","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02013","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01998","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01982","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-27613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27613"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983","reference_id":"1108983","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379124","reference_id":"2379124","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2379124"},{"reference_url":"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5","reference_id":"465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/compare/465f03869ae11acd04abfa1b83c67879c867410c..026c397d911cde55924d7eb1311d0fd6e2e105d5"},{"reference_url":"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652","reference_id":"7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/compare/7dd272eca153058da2e8d5b9960bbbf0b4f0cbaa..67a128b91e25978a15f9f7e194d81b441d603652"},{"reference_url":"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v","reference_id":"GHSA-f3cw-xrj3-wr2v","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-10T15:55:29Z/"}],"url":"https://github.com/j6t/gitk/security/advisories/GHSA-f3cw-xrj3-wr2v"},{"reference_url":"https://security.gentoo.org/glsa/202507-09","reference_id":"GLSA-202507-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202507-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11462","reference_id":"RHSA-2025:11462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11533","reference_id":"RHSA-2025:11533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11534","reference_id":"RHSA-2025:11534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11534"},{"reference_url":"https://usn.ubuntu.com/7626-1/","reference_id":"USN-7626-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7626-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923221?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923222?format=json","purl":"pkg:deb/debian/git@1:2.50.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.50.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2025-27613"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x8he-nt8f-57fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83891?format=json","vulnerability_id":"VCID-y3uw-f72u-5qes","summary":"git: Mishandling layers of tree objects","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15298.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15298.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15298","reference_id":"","reference_type":"","scores":[{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63381","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63499","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63498","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63516","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.6353","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63526","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63441","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63468","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63433","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63484","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63502","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63519","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63503","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63469","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63504","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00446","scoring_system":"epss","scoring_elements":"0.63512","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15298"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15298","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15298"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Katee/git-bomb","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Katee/git-bomb"},{"reference_url":"https://kate.io/blog/git-bomb/","reference_id":"","reference_type":"","scores":[],"url":"https://kate.io/blog/git-bomb/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510455","reference_id":"1510455","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510455"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15298","reference_id":"CVE-2017-15298","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15298"},{"reference_url":"https://usn.ubuntu.com/3829-1/","reference_id":"USN-3829-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3829-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923198?format=json","purl":"pkg:deb/debian/git@1:2.16.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.16.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2017-15298"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3uw-f72u-5qes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34611?format=json","vulnerability_id":"VCID-y5fa-ahxz-9kb1","summary":"Multiple vulnerabilities have been found in libgit2, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1348.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1348.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1348","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15413","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15142","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15331","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1533","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15275","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15453","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15522","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15322","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1541","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1546","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15422","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15317","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15234","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1524","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15291","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-1348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781953","reference_id":"1781953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1781953"},{"reference_url":"https://security.archlinux.org/ASA-201912-5","reference_id":"ASA-201912-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-5"},{"reference_url":"https://security.archlinux.org/ASA-201912-6","reference_id":"ASA-201912-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201912-6"},{"reference_url":"https://security.archlinux.org/AVG-1073","reference_id":"AVG-1073","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1073"},{"reference_url":"https://security.archlinux.org/AVG-1075","reference_id":"AVG-1075","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1075"},{"reference_url":"https://security.gentoo.org/glsa/202003-30","reference_id":"GLSA-202003-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-30"},{"reference_url":"https://security.gentoo.org/glsa/202003-42","reference_id":"GLSA-202003-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:4356","reference_id":"RHSA-2019:4356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:4356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0002","reference_id":"RHSA-2020:0002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:0228","reference_id":"RHSA-2020:0228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:0228"},{"reference_url":"https://usn.ubuntu.com/4220-1/","reference_id":"USN-4220-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4220-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923203?format=json","purl":"pkg:deb/debian/git@1:2.24.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.24.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923187?format=json","purl":"pkg:deb/debian/git@1:2.30.2-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-k8kg-z578-kbdu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.30.2-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923185?format=json","purl":"pkg:deb/debian/git@1:2.39.5-0%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923189?format=json","purl":"pkg:deb/debian/git@1:2.47.3-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.47.3-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/923188?format=json","purl":"pkg:deb/debian/git@1:2.53.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.53.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-1348"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5fa-ahxz-9kb1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/git@1:2.39.5-0%252Bdeb12u3%3Fdistro=trixie"}