[Forgot Password]
Login  Register Subscribe

24437

 
 

131950

 
 

117853

 
 

909

 
 

91655

 
 

143

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-948

ID: oval:org.secpod.oval:def:1600833Date: (C)2018-02-12   (M)2018-02-12
Class: PATCHFamily: unix




Mishandling layers of tree objectsGit through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to disk

Platform:
Amazon Linux AMI
Product:
git
Reference:
ALAS-2018-948
CVE-2017-15298
CVE    1
CVE-2017-15298
CPE    3
cpe:/o:amazon:linux
cpe:/a:git:git
cpe:/a:git-scm:git:2.14.2

© SecPod Technologies