git-instaweb vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the git-instaweb package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H External Control of File Name or Path	<0:2.43.7-1.el8_10
H OS Command Injection	<0:2.43.7-1.el8_10
H Link Following	<0:2.43.7-1.el8_10
H Improper Encoding or Escaping of Output	<0:2.43.7-1.el8_10
H OS Command Injection	<0:2.43.7-1.el8_10
H Arbitrary Argument Injection	<0:2.43.7-1.el8_10
H Improper Encoding or Escaping of Output	<0:2.43.7-1.el8_10
M Improper Encoding or Escaping of Output	<0:2.43.5-3.el8_10
H CVE-2024-32020	<0:2.43.5-1.el8_10
H Link Following	<0:2.43.5-1.el8_10
H CVE-2024-32004	<0:2.43.5-1.el8_10
H CVE-2024-32465	<0:2.43.5-1.el8_10
H CVE-2024-32021	<0:2.43.5-1.el8_10
H Link Following	<0:2.39.3-1.el8_8
H Use of Externally-Controlled Format String	<0:2.39.3-1.el8_8
H CVE-2023-25652	<0:2.39.3-1.el8_8
H Directory Traversal	<0:2.39.3-1.el8_8
H Arbitrary Code Injection	<0:2.39.3-1.el8_8
M Uncontrolled Search Path Element	<0:2.39.1-1.el8
M Improper Ownership Management	<0:2.39.1-1.el8
M Heap-based Buffer Overflow	<0:2.39.1-1.el8
M Link Following	<0:2.39.1-1.el8
H Integer Overflow or Wraparound	<0:2.31.1-3.el8_7
H Integer Overflow or Wraparound	<0:2.31.1-3.el8_7
H Insufficiently Protected Credentials	<0:2.18.4-2.el8_2
H Insufficiently Protected Credentials	<0:2.18.2-2.el8_1
H CVE-2019-1348	<0:2.18.2-1.el8_1
H Improper Input Validation	<0:2.18.2-1.el8_1
H CVE-2019-1387	<0:2.18.2-1.el8_1
H Improper Input Validation	<0:2.18.2-1.el8_1

Vulnerability

Vulnerable Version

<0:2.43.7-1.el8_10