CVE-2018-1000021

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-1000021

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000021.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-1000021

Related

UBUNTU-CVE-2018-1000021

Published

2018-02-09T23:29:00Z

Modified

2025-02-19T02:28:49.870046Z

Severity

5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L CVSS Calculator

Summary

[none]

Details

GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).

References

Affected packages

Debian:11 / git

Package

Name: git
Purl: pkg:deb/debian/git?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*

1:2.30.2-1

1:2.30.2-1+deb11u1

1:2.30.2-1+deb11u2

1:2.30.2-1+deb11u3

1:2.30.2-1+deb11u4

1:2.31.0~rc2+next.20210304-1

1:2.31.0~rc2+next.20210309-1

1:2.31.0-1

1:2.31.0+next.20210315-1

1:2.31.1-1

1:2.31.1+next.20210417-1

1:2.31.1+next.20210514-1

1:2.32.0~rc0-1

1:2.32.0~rc0+next.20210520-1

1:2.32.0~rc2-1

1:2.32.0~rc2+next.20210531-1

1:2.32.0-1

1:2.32.0+next.20210606-1

1:2.33.0-1

1:2.33.0+next.20210816-1

1:2.33.0+next.20210901-1

1:2.33.0+next.20210929-1

1:2.33.1-1

1:2.33.1+next.20211025-1

1:2.34.0-1

1:2.34.0+next.20211119-1

1:2.34.1-1~bpo11+1

1:2.34.1-1

1:2.34.1+next.20211124-1

1:2.34.1+next.20211202-1

1:2.34.1+next.20211221-1

1:2.34.1+next.20211227-1

1:2.35.1-1

1:2.35.1+next.20220128-1

1:2.35.1+next.20220211-1

1:2.35.2-1

1:2.36.0~rc2+next.20220411-1

1:2.36.0~rc2+next.20220414-1

1:2.36.0-1

1:2.36.0+next.20220417-1

1:2.36.0+next.20220428-1

1:2.36.0+next.20220504-1

1:2.36.1-1

1:2.36.1+next.20220505-1

1:2.37.2-1

1:2.37.2+next.20220812-1

1:2.38.1-1

1:2.38.1+next.20221031-1

1:2.39.0-1

1:2.39.0+next.20221212-1

1:2.39.0+next.20221220-1

1:2.39.1-0.1~bpo11+1

1:2.39.1-0.1

1:2.39.2-1~bpo11+1

1:2.39.2-1

1:2.39.2-1.1

1:2.39.2+next.20230215-1

1:2.40.0-1

1:2.40.0-1+alpha.1

1:2.40.0+next.20230313-1

1:2.40.0+next.20230319-1

1:2.40.1-1

1:2.40.1-1+alpha.1

1:2.40.1+next.20230424-1

1:2.40.1+next.20230427-1

1:2.42.0-1

1:2.43.0-1

1:2.43.0-1+alpha.2

1:2.43.0+next.20231120-1

1:2.43.0+next.20240104-1

1:2.45.1-1

1:2.45.1+next.20240516-1

1:2.45.2-1

1:2.45.2-1+alpha.1

1:2.45.2-1.1

1:2.45.2-1.1+alpha.1

1:2.45.2-1.2

1:2.45.2-1.3

1:2.45.2+next.20240614-1

1:2.47.1-1

1:2.47.2-0.1

1:2.48.0~rc1+next.20250101-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:12 / git

Package

Name: git
Purl: pkg:deb/debian/git?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*

1:2.39.2-1.1

1:2.39.2+next.20230215-1

1:2.39.5-0+deb12u1

1:2.39.5-0+deb12u2

1:2.40.0-1

1:2.40.0-1+alpha.1

1:2.40.0+next.20230313-1

1:2.40.0+next.20230319-1

1:2.40.1-1

1:2.40.1-1+alpha.1

1:2.40.1+next.20230424-1

1:2.40.1+next.20230427-1

1:2.42.0-1

1:2.43.0-1

1:2.43.0-1+alpha.2

1:2.43.0+next.20231120-1

1:2.43.0+next.20240104-1

1:2.45.1-1

1:2.45.1+next.20240516-1

1:2.45.2-1

1:2.45.2-1+alpha.1

1:2.45.2-1.1

1:2.45.2-1.1+alpha.1

1:2.45.2-1.2

1:2.45.2-1.3

1:2.45.2+next.20240614-1

1:2.47.1-1

1:2.47.2-0.1

1:2.48.0~rc1+next.20250101-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Debian:13 / git

Package

Name: git
Purl: pkg:deb/debian/git?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:2.*

1:2.39.2-1.1

1:2.39.2+next.20230215-1

1:2.40.0-1

1:2.40.0-1+alpha.1

1:2.40.0+next.20230313-1

1:2.40.0+next.20230319-1

1:2.40.1-1

1:2.40.1-1+alpha.1

1:2.40.1+next.20230424-1

1:2.40.1+next.20230427-1

1:2.42.0-1

1:2.43.0-1

1:2.43.0-1+alpha.2

1:2.43.0+next.20231120-1

1:2.43.0+next.20240104-1

1:2.45.1-1

1:2.45.1+next.20240516-1

1:2.45.2-1

1:2.45.2-1+alpha.1

1:2.45.2-1.1

1:2.45.2-1.1+alpha.1

1:2.45.2-1.2

1:2.45.2-1.3

1:2.45.2+next.20240614-1

1:2.47.1-1

1:2.47.2-0.1

1:2.48.0~rc1+next.20250101-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Git / github.com/git-for-windows/git

Affected ranges

Type: GIT
Repo: https://github.com/git-for-windows/git
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

9b185bef0c15cec1ea8753ce091e42ea041f2c31

Affected versions

gitgui-0.*

gitgui-0.10.0

gitgui-0.10.1

gitgui-0.10.2

gitgui-0.11.0

gitgui-0.12.0

gitgui-0.13.0

gitgui-0.14.0

gitgui-0.15.0

gitgui-0.16.0

gitgui-0.17.0

gitgui-0.18.0

gitgui-0.19.0

gitgui-0.20.0

gitgui-0.21.0

gitgui-0.6.0

gitgui-0.6.1

gitgui-0.6.2

gitgui-0.6.3

gitgui-0.6.4

gitgui-0.6.5

gitgui-0.7.0

gitgui-0.7.0-rc1

gitgui-0.7.1

gitgui-0.7.2

gitgui-0.7.3

gitgui-0.7.4

gitgui-0.7.5

gitgui-0.8.0

gitgui-0.8.1

gitgui-0.8.2

gitgui-0.8.3

gitgui-0.8.4

gitgui-0.9.0

gitgui-0.9.1

gitgui-0.9.2

gitgui-0.9.3

v0.*

v0.99

v0.99.1

v0.99.2

v0.99.3

v0.99.4

v0.99.5

v0.99.6

v0.99.7

v0.99.7a

v0.99.7b

v0.99.7c

v0.99.7d

v0.99.8

v0.99.8a

v0.99.8b

v0.99.8c

v0.99.8d

v0.99.8e

v0.99.8f

v0.99.8g

v0.99.9

v0.99.9a

v0.99.9b

v0.99.9c

v0.99.9d

v0.99.9e

v0.99.9f

v0.99.9g

v0.99.9h

v0.99.9i

v0.99.9j

v0.99.9k

v0.99.9l

v0.99.9m

v0.99.9n

v1.*

v1.0.0

v1.0.0a

v1.0.0b

v1.0.1

v1.0.10

v1.0.11

v1.0.12

v1.0.13

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.0.7

v1.0.8

v1.0.9

v1.0rc1

v1.0rc2

v1.0rc3

v1.0rc4

v1.0rc5

v1.0rc6

v1.1.0

v1.1.1

v1.1.2

v1.1.3

v1.1.4

v1.1.5

v1.1.6

v1.2.0

v1.2.1

v1.2.2

v1.2.3

v1.2.4

v1.2.5

v1.2.6

v1.3.0

v1.3.0-rc1

v1.3.0-rc2

v1.3.0-rc3

v1.3.0-rc4

v1.3.1

v1.3.2

v1.3.3

v1.4.0

v1.4.0-rc1

v1.4.0-rc2

v1.4.1

v1.4.1-rc1

v1.4.1-rc2

v1.4.1.1

v1.4.2

v1.4.2-rc1

v1.4.2-rc2

v1.4.2-rc3

v1.4.2-rc4

v1.4.2.1

v1.4.2.2

v1.4.2.3

v1.4.2.4

v1.4.3

v1.4.3-rc1

v1.4.3-rc2

v1.4.3-rc3

v1.4.3.1

v1.4.3.2

v1.4.3.3

v1.4.3.4

v1.4.3.5

v1.4.4

v1.4.4-rc1

v1.4.4-rc2

v1.4.4.1

v1.4.4.2

v1.4.4.3

v1.4.4.4

v1.5.0

v1.5.0-rc0

v1.5.0-rc1

v1.5.0-rc2

v1.5.0-rc3

v1.5.0-rc4

v1.5.0.1

v1.5.0.2

v1.5.0.3

v1.5.0.4

v1.5.0.5

v1.5.0.6

v1.5.0.7

v1.5.1

v1.5.1-rc1

v1.5.1-rc2

v1.5.1-rc3

v1.5.1.1

v1.5.1.2

v1.5.1.3

v1.5.1.4

v1.5.1.5

v1.5.1.6

v1.5.2

v1.5.2-rc0

v1.5.2-rc1

v1.5.2-rc2

v1.5.2-rc3

v1.5.2.1

v1.5.2.2

v1.5.2.3

v1.5.2.4

v1.5.2.5

v1.5.3

v1.5.3-rc0

v1.5.3-rc1

v1.5.3-rc2

v1.5.3-rc3

v1.5.3-rc4

v1.5.3-rc5

v1.5.3-rc6

v1.5.3-rc7

v1.5.3.1

v1.5.3.2

v1.5.3.3

v1.5.3.4

v1.5.3.5

v1.5.3.6

v1.5.3.7

v1.5.3.8

v1.5.4

v1.5.4-rc0

v1.5.4-rc1

v1.5.4-rc2

v1.5.4-rc3

v1.5.4-rc4

v1.5.4-rc5

v1.5.4.1

v1.5.4.2

v1.5.4.3

v1.5.4.4

v1.5.4.5

v1.5.4.6

v1.5.4.7

v1.5.5

v1.5.5-rc0

v1.5.5-rc1

v1.5.5-rc2

v1.5.5-rc3

v1.5.5.1

v1.5.5.2

v1.5.5.3

v1.5.5.4

v1.5.5.5

v1.5.5.6

v1.5.6

v1.5.6-rc0

v1.5.6-rc1

v1.5.6-rc2

v1.5.6-rc3

v1.5.6.1

v1.5.6.2

v1.5.6.3

v1.5.6.4

v1.5.6.5

v1.5.6.6

v1.6.0

v1.6.0-rc0

v1.6.0-rc1

v1.6.0-rc2

v1.6.0-rc3

v1.6.0.1

v1.6.0.2

v1.6.0.3

v1.6.0.4

v1.6.0.5

v1.6.0.6

v1.6.1

v1.6.1-rc1

v1.6.1-rc2

v1.6.1-rc3

v1.6.1-rc4

v1.6.1.1

v1.6.1.2

v1.6.1.3

v1.6.1.4

v1.6.2

v1.6.2-rc0

v1.6.2-rc1

v1.6.2-rc2

v1.6.2.1

v1.6.2.2

v1.6.2.3

v1.6.2.4

v1.6.2.5

v1.6.3

v1.6.3-rc0

v1.6.3-rc1

v1.6.3-rc2

v1.6.3-rc3

v1.6.3-rc4

v1.6.3.1

v1.6.3.2

v1.6.3.3

v1.6.3.4

v1.6.4

v1.6.4-rc0

v1.6.4-rc1

v1.6.4-rc2

v1.6.4-rc3

v1.6.4.1

v1.6.4.2

v1.6.4.3

v1.6.4.4

v1.6.4.5

v1.6.5

v1.6.5-rc0

v1.6.5-rc1

v1.6.5-rc2

v1.6.5-rc3

v1.6.5.1

v1.6.5.2

v1.6.5.3

v1.6.5.4

v1.6.5.5

v1.6.5.6

v1.6.5.7

v1.6.5.8

v1.6.5.9

v1.6.6

v1.6.6-rc0

v1.6.6-rc1

v1.6.6-rc2

v1.6.6-rc3

v1.6.6-rc4

v1.6.6.1

v1.6.6.2

v1.6.6.3

v1.7.0

v1.7.0-rc0

v1.7.0-rc1

v1.7.0-rc2

v1.7.0.1

v1.7.0.2

v1.7.0.3

v1.7.0.4

v1.7.0.5

v1.7.0.6

v1.7.0.7

v1.7.0.8

v1.7.0.9

v1.7.1

v1.7.1-rc0

v1.7.1-rc1

v1.7.1-rc2

v1.7.1.1

v1.7.1.2

v1.7.1.3

v1.7.1.4

v1.7.10

v1.7.10-rc0

v1.7.10-rc1

v1.7.10-rc2

v1.7.10-rc3

v1.7.10-rc4

v1.7.10.1

v1.7.10.2

v1.7.10.3

v1.7.10.4

v1.7.10.5

v1.7.11

v1.7.11-rc0

v1.7.11-rc1

v1.7.11-rc2

v1.7.11-rc3

v1.7.11.1

v1.7.11.2

v1.7.11.3

v1.7.11.4

v1.7.11.5

v1.7.11.6

v1.7.11.7

v1.7.12

v1.7.12-rc0

v1.7.12-rc1

v1.7.12-rc2

v1.7.12-rc3

v1.7.12.1

v1.7.12.2

v1.7.12.3

v1.7.12.4

v1.7.2

v1.7.2-rc0

v1.7.2-rc1

v1.7.2-rc2

v1.7.2-rc3

v1.7.2.1

v1.7.2.2

v1.7.2.3

v1.7.2.4

v1.7.2.5

v1.7.3

v1.7.3-rc0

v1.7.3-rc1

v1.7.3-rc2

v1.7.3.1

v1.7.3.2

v1.7.3.3

v1.7.3.4

v1.7.3.5

v1.7.4

v1.7.4-rc0

v1.7.4-rc1

v1.7.4-rc2

v1.7.4-rc3

v1.7.4.1

v1.7.4.2

v1.7.4.3

v1.7.4.4

v1.7.4.5

v1.7.5

v1.7.5-rc0

v1.7.5-rc1

v1.7.5-rc2

v1.7.5-rc3

v1.7.5.1

v1.7.5.2

v1.7.5.3

v1.7.5.4

v1.7.6

v1.7.6-rc0

v1.7.6-rc1

v1.7.6-rc2

v1.7.6-rc3

v1.7.6.1

v1.7.6.2

v1.7.6.3

v1.7.6.4

v1.7.6.5

v1.7.6.6

v1.7.7

v1.7.7-rc0

v1.7.7-rc1

v1.7.7-rc2

v1.7.7-rc3

v1.7.7.1

v1.7.7.2

v1.7.7.3

v1.7.7.4

v1.7.7.5

v1.7.7.6

v1.7.7.7

v1.7.8

v1.7.8-rc0

v1.7.8-rc1

v1.7.8-rc2

v1.7.8-rc3

v1.7.8-rc4

v1.7.8.1

v1.7.8.2

v1.7.8.3

v1.7.8.4

v1.7.8.5

v1.7.8.6

v1.7.9

v1.7.9-rc0

v1.7.9-rc1

v1.7.9-rc2

v1.7.9.1

v1.7.9.2

v1.7.9.3

v1.7.9.4

v1.7.9.5

v1.7.9.6

v1.7.9.7

v1.8.0

v1.8.0-rc0

v1.8.0-rc1

v1.8.0-rc2

v1.8.0-rc3

v1.8.0.1

v1.8.0.2

v1.8.0.3

v1.8.1

v1.8.1-rc0

v1.8.1-rc1

v1.8.1-rc2

v1.8.1-rc3

v1.8.1.1

v1.8.1.2

v1.8.1.3

v1.8.1.4

v1.8.1.5

v1.8.1.6

v1.8.2

v1.8.2-rc0

v1.8.2-rc1

v1.8.2-rc2

v1.8.2-rc3

v1.8.2.1

v1.8.2.2

v1.8.2.3

v1.8.3

v1.8.3-rc0

v1.8.3-rc1

v1.8.3-rc2

v1.8.3-rc3

v1.8.3.1

v1.8.3.2

v1.8.3.3

v1.8.3.4

v1.8.4

v1.8.4-rc0

v1.8.4-rc1

v1.8.4-rc2

v1.8.4-rc3

v1.8.4-rc4

v1.8.4.1

v1.8.4.2

v1.8.4.3

v1.8.4.4

v1.8.4.5

v1.8.5

v1.8.5-rc0

v1.8.5-rc1

v1.8.5-rc2

v1.8.5-rc3

v1.8.5.1

v1.8.5.2

v1.8.5.3

v1.8.5.4

v1.8.5.5

v1.8.5.6

v1.9-rc0

v1.9-rc1

v1.9-rc2

v1.9.0

v1.9.0-rc3

v1.9.1

v1.9.2

v1.9.3

v1.9.4

v1.9.5

v2.*

v2.0.0

v2.0.0-rc0

v2.0.0-rc1

v2.0.0-rc2

v2.0.0-rc3

v2.0.0-rc4

v2.0.1

v2.0.2

v2.0.3

v2.0.4

v2.0.5

v2.1.0

v2.1.0-rc0

v2.1.0-rc1

v2.1.0-rc2

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v2.10.0

v2.10.0-rc0

v2.10.0-rc1

v2.10.0-rc2

v2.10.1

v2.10.2

v2.10.3

v2.10.4

v2.10.5

v2.11.0

v2.11.0-rc0

v2.11.0-rc1

v2.11.0-rc2

v2.11.0-rc3

v2.11.1

v2.11.2

v2.11.3

v2.11.4

v2.12.0

v2.12.0-rc0

v2.12.0-rc1

v2.12.0-rc2

v2.12.1

v2.12.2

v2.12.3

v2.12.4

v2.12.5

v2.13.0

v2.13.0-rc0

v2.13.0-rc1

v2.13.0-rc2

v2.13.1

v2.13.2

v2.13.3

v2.13.4

v2.13.5

v2.13.6

v2.14.0

v2.14.0-rc0

v2.14.0-rc1

v2.14.1

v2.14.2

v2.14.3

v2.15.0

v2.15.0-rc0

v2.15.0-rc1

v2.15.0-rc2

v2.15.1

v2.2.0

v2.2.0-rc0

v2.2.0-rc1

v2.2.0-rc2

v2.2.0-rc3

v2.2.1

v2.2.2

v2.2.3

v2.3.0

v2.3.0-rc0

v2.3.0-rc1

v2.3.0-rc2

v2.3.1

v2.3.10

v2.3.2

v2.3.3

v2.3.4

v2.3.5

v2.3.6

v2.3.7

v2.3.8

v2.3.9

v2.4.0

v2.4.0-rc0

v2.4.0-rc1

v2.4.0-rc2

v2.4.0-rc3

v2.4.1

v2.4.10

v2.4.11

v2.4.12

v2.4.2

v2.4.3

v2.4.4

v2.4.5

v2.4.6

v2.4.7

v2.4.8

v2.4.9

v2.5.0

v2.5.0-rc0

v2.5.0-rc1

v2.5.0-rc2

v2.5.0-rc3

v2.5.1

v2.5.2

v2.5.3

v2.5.4

v2.5.5

v2.5.6

v2.6.0

v2.6.0-rc0

v2.6.0-rc1

v2.6.0-rc2

v2.6.0-rc3

v2.6.1

v2.6.2

v2.6.3

v2.6.4

v2.6.5

v2.6.6

v2.6.7

v2.7.0

v2.7.0-rc0

v2.7.0-rc1

v2.7.0-rc2

v2.7.0-rc3

v2.7.1

v2.7.2

v2.7.3

v2.7.4

v2.7.5

v2.7.6

v2.8.0

v2.8.0-rc0

v2.8.0-rc1

v2.8.0-rc2

v2.8.0-rc3

v2.8.0-rc4

v2.8.1

v2.8.2

v2.8.3

v2.8.4

v2.8.5

v2.8.6

v2.9.0

v2.9.0-rc0

v2.9.0-rc1

v2.9.0-rc2

v2.9.1

v2.9.2

v2.9.3

v2.9.4

v2.9.5