Monday, October 8, 2018

Code execution bug in malicious repositories resolved by Git Project - ZDNet


ZDNet
Code execution bug in malicious repositories resolved by Git Project
ZDNet
CVE-2018-17456 is similar to CVE-2017-1000117, another option-injection attack which related to the handling of "ssh" URLs in Git software. The latter issue could be used to execute shell commands with the privileges of the user running the Git client ...
By at
Labels: