ALPINE-CVE-2021-29468

See a problem?
Please try reporting it to the source first.
Source
https://security.alpinelinux.org/vuln/CVE-2021-29468
Import Source
https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2021-29468.json
JSON Data
https://api.osv.dev/v1/vulns/ALPINE-CVE-2021-29468
Upstream
Published
2021-04-29T21:15:08.550Z
Modified
2025-12-03T22:48:35.758865Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Cygwin Git is a patch set for the git command line tool for the cygwin environment. A specially crafted repository that contains symbolic links as well as files with backslash characters in the file name may cause just-checked out code to be executed while checking out a repository using Git on Cygwin. The problem will be patched in the Cygwin Git v2.31.1-2 release. At time of writing, the vulnerability is present in the upstream Git source code; any Cygwin user who compiles Git for themselves from upstream sources should manually apply a patch to mitigate the vulnerability. As mitigation users should not clone or pull from repositories from untrusted sources. CVE-2019-1354 was an equivalent vulnerability in Git for Visual Studio.

References

Affected packages

Alpine:v3.10

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.11

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.12

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.13

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.14

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.15

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.16

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.17

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.18

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.19

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.20

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.21

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.22

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0

Alpine:v3.23

git

Package

Name
git
Purl
pkg:apk/alpine/git?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0