https://github.com|git/git vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://github.com|git/git package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Improper Encoding or Escaping of Output	[0,)
L Improper Encoding or Escaping of Output	[,2.40.4)[2.41.0,2.41.3)[2.42.0,2.42.4)[2.43.0,2.43.6)[2.44.0,2.44.3)[2.45.0,2.45.3)[2.46.0,2.46.3)[2.47.0,2.47.1)[2.48.0,2.48.1)
L Improper Encoding or Escaping of Output	[,2.40.4)[2.41.0,2.41.3)[2.42.0,2.42.4)[2.43.0,2.43.6)[2.44.0,2.44.3)[2.45.0,2.45.3)[2.46.0,2.46.3)[2.47.0,2.47.1)[2.48.0,2.48.1)
H Directory Traversal	[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)
H Process Control	[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)
L Improper Preservation of Permissions	[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)
C Path Traversal	[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)
L Improper Link Resolution Before File Access ('Link Following')	[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)
H Directory Traversal	[,2.30.9)[2.31.0,2.31.8)[2.32.0,2.32.7)[2.33.0,2.33.8)[2.34.0,2.34.8)[2.35.0,2.35.8)[2.36.0,2.36.6)[2.37.0,2.37.7)[2.38.0,2.38.5)[2.39.0,2.39.3)[2.40.0,2.40.1)
H Arbitrary Code Execution	[2.30.9,2.31.8)[2.32.0,2.32.7)[2.33.0,2.33.8)[2.34.0,2.34.8)[2.35.0,2.35.8)[2.36.0,2.36.6)[2.37.0,2.37.7)[2.38.0,2.38.5)[2.39.0,2.39.3)[2.40.0,2.40.1)
M Arbitrary File Read	[,2.30.8)[2.31.0,2.31.7)[2.32.0,2.32.6)[2.33.0,2.33.7)[2.34.0,2.34.7)[2.35.0,2.35.7)[2.36.0,2.36.5)[2.37.0,2.37.6)[2.38.0,2.38.4)[2.39.0,2.39.2)
H Directory Traversal	[,2.30.8)[2.31.0,2.31.7)[2.32.0,2.32.6)[2.33.0,2.33.7)[2.34.0,2.34.7)[2.35.0,2.35.7)[2.36.0,2.36.5)[2.37.0,2.37.6)[2.38.0,2.38.4)[2.39.0,2.39.2)
H Integer Overflow or Wraparound	[2.30.7,2.31.6)[2.32.0,2.32.5)[2.33.0,2.33.6)[2.34.0,2.34.6)[2.35.0,2.35.6)[2.36.0,2.36.4)[2.37.0,2.37.5)[2.38.0,2.38.3)[2.39.0,2.39.1)
H Integer Overflow or Wraparound	[2.30.7,2.31.6)[2.32.0,2.32.5)[2.33.0,2.33.6)[2.34.0,2.34.6)[2.35.0,2.35.6)[2.36.0,2.36.4)[2.37.0,2.37.5)[2.38.0,2.38.3)[2.39.0,2.39.1)
M Information Exposure	[,2.30.6)[2.31.4,2.31.5)[2.32.3,2.32.4)[2.33.4,2.33.5)[2.34.4,2.34.5)[2.35.4,2.35.5)[2.36.2,2.36.3)[2.37.3,2.37.4)[2.38.0,2.38.1)
M Information Exposure	[,2.30.6)[2.31.4,2.31.5)[2.32.3,2.32.4)[2.33.4,2.33.5)[2.34.4,2.34.5)[2.35.4,2.35.5)[2.36.2,2.36.3)[2.37.3,2.37.4)[2.38.0,2.38.1)
H Improper Ownership Management	[,2.30.5)[2.31.0,2.31.4)[2.32.0,2.32.3)[2.33.0,2.33.4)[2.34.0,2.34.4)[2.35.0,2.35.4)[2.36.0,2.36.2)[2.37.0,2.37.1)
H Uncontrolled Search Path Element	[,2.35.2)
M Information Exposure	[0,)
C Untrusted Search Path	[,2.19.2)
C Out-of-Bounds	[,2.4.11)[2.5.0,2.5.5)[2.6.0,2.6.6)[2.7.0,2.7.4)
M Cross-site Scripting (XSS)	[,1.7.3.4)
C CVE-2015-7082	[,2.5.4)
M Access Restriction Bypass	[,1.5.4.7)[1.5.5.0,1.5.5.6)[1.5.6.0,1.5.6.6)[1.6.0.0,1.6.0.6)
C Argument Injection	[2.14.0,2.14.5)[2.15.0,2.15.3)[2.16.0,2.16.5)[2.17.0,2.17.2)[2.18.0,2.18.1)[2.19.0,2.19.1)
H Insufficiently Protected Credentials	[,2.17.4)[2.18.0,2.18.3)[2.19.0,2.19.4)[2.20.0,2.20.3)[2.21.0,2.21.2)[2.22.0,2.22.3)[2.23.0,2.23.2)[2.24.0,2.24.2)[2.25.0,2.25.3)[2.26.0,2.26.1)
H Symlink Attack	[,2.14.3)[2.17.0,2.17.6)[2.18.0,2.18.5)[2.19.0,2.19.6)[2.20.0,2.20.5)[2.21.0,2.21.4)[2.22.0,2.22.5)[2.23.0,2.23.4)[2.24.0,2.24.4)[2.25.0,2.25.5)[2.26.0,2.26.3)[2.29.0,2.29.3)[2.30.0,2.30.2)
H Access Restriction Bypass	[,1.5.5)
H Remote Code Execution (RCE)	[,1.5.6)
L Information Exposure	[2.14.0,2.14.6)[2.15.0,2.15.4)[2.16.0,2.16.6)[2.17.0,2.17.3)[2.18.0,2.18.2)[2.19.0,2.19.3)[2.20.0,2.20.2)[2.21.0,2.21.1)[2.22.0,2.22.2)[2.23.0,2.23.1)[2.24.0,2.24.1)
H Out-of-bounds Read	[,2.13.7)[2.14.0,2.14.4)[2.15.0,2.15.2)[2.16.0,2.16.4)
H Improper Input Validation	[,2.20.0)[2.21.0,2.21.1)[2.22.0,2.22.2)[2.23.0,2.23.1)[2.24.0,2.24.1)
M Resource Management Errors	[1.4.4.5,1.6.3.2]
H Out-of-bounds Write	[,1.7.2.1)
C CVE-2019-1353	[2.14.0,2.14.6)[2.15.0,2.15.4)[2.16.0,2.16.6)[2.17.0,2.17.3)[2.18.0,2.18.2)[2.19.0,2.19.3)[2.20.0,2.20.2)[2.21.0,2.21.1)[2.22.0,2.22.2)[2.23.0,2.23.1)[2.24.0,2.24.1)
H Improper Input Validation	[,2.15.2)
H Command Injection	[,2.10.5)
H Arbitrary Code Execution	[2.14.0,2.14.6)[2.15.0,2.15.4)[2.16.0,2.16.6)[2.17.0,2.17.3)[2.18.0,2.18.2)[2.19.0,2.19.3)[2.20.0,2.20.2)[2.22.0,2.22.2)
H Improper Access Control	[,2.7.6)
H CVE-2021-40330	[,2.30.1)
C Out-of-Bounds	[,2.7.4)
H Security Features	[,2.13.7)[2.14.0,2.14.4)[2.15.0,2.15.2)[2.16.0,2.16.4)
H Out-of-Bounds	[,1.5.6.4)
H Cross-site Scripting (XSS)	[,1.9.3)
M Denial of Service (DoS)	[,2.14.3)
H Insufficiently Protected Credentials	[,2.17.5)[2.18.0,2.18.4)[2.19.0,2.19.5)[2.20.0,2.20.4)[2.21.0,2.21.3)[2.22.0,2.22.4)[2.23.0,2.23.3)[2.24.0,2.24.3)[2.25.0,2.25.4)[2.26.0,2.26.2)
M Improper Input Validation	[,1.8.1.4)
H Arbitrary Code Execution	[,1.1.5)
C Improper Input Validation	[,2.3.10)
C Improper Input Validation	[,1.8.5.6)[1.9.0,1.9.5)[2.0.0,2.0.5)[2.1.0,2.1.4)[2.2.0,2.2.1)

Vulnerability

Vulnerable Version

Improper Encoding or Escaping of Output

[0,)

Improper Encoding or Escaping of Output

[,2.40.4)[2.41.0,2.41.3)[2.42.0,2.42.4)[2.43.0,2.43.6)[2.44.0,2.44.3)[2.45.0,2.45.3)[2.46.0,2.46.3)[2.47.0,2.47.1)[2.48.0,2.48.1)

Improper Encoding or Escaping of Output

[,2.40.4)[2.41.0,2.41.3)[2.42.0,2.42.4)[2.43.0,2.43.6)[2.44.0,2.44.3)[2.45.0,2.45.3)[2.46.0,2.46.3)[2.47.0,2.47.1)[2.48.0,2.48.1)

Directory Traversal

[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)

Process Control

[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)

Improper Preservation of Permissions

[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)

Path Traversal

[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)

Improper Link Resolution Before File Access ('Link Following')

[,2.39.4)[2.40.0,2.40.2)[2.41.0,2.41.1)[2.42.0,2.42.2)[2.43.0,2.43.4)[2.44.0,2.44.1)[2.45.0,2.45.1)

Directory Traversal

[,2.30.9)[2.31.0,2.31.8)[2.32.0,2.32.7)[2.33.0,2.33.8)[2.34.0,2.34.8)[2.35.0,2.35.8)[2.36.0,2.36.6)[2.37.0,2.37.7)[2.38.0,2.38.5)[2.39.0,2.39.3)[2.40.0,2.40.1)

Arbitrary Code Execution

[2.30.9,2.31.8)[2.32.0,2.32.7)[2.33.0,2.33.8)[2.34.0,2.34.8)[2.35.0,2.35.8)[2.36.0,2.36.6)[2.37.0,2.37.7)[2.38.0,2.38.5)[2.39.0,2.39.3)[2.40.0,2.40.1)

Arbitrary File Read

[,2.30.8)[2.31.0,2.31.7)[2.32.0,2.32.6)[2.33.0,2.33.7)[2.34.0,2.34.7)[2.35.0,2.35.7)[2.36.0,2.36.5)[2.37.0,2.37.6)[2.38.0,2.38.4)[2.39.0,2.39.2)

Directory Traversal

[,2.30.8)[2.31.0,2.31.7)[2.32.0,2.32.6)[2.33.0,2.33.7)[2.34.0,2.34.7)[2.35.0,2.35.7)[2.36.0,2.36.5)[2.37.0,2.37.6)[2.38.0,2.38.4)[2.39.0,2.39.2)

Integer Overflow or Wraparound

[2.30.7,2.31.6)[2.32.0,2.32.5)[2.33.0,2.33.6)[2.34.0,2.34.6)[2.35.0,2.35.6)[2.36.0,2.36.4)[2.37.0,2.37.5)[2.38.0,2.38.3)[2.39.0,2.39.1)

Integer Overflow or Wraparound

[2.30.7,2.31.6)[2.32.0,2.32.5)[2.33.0,2.33.6)[2.34.0,2.34.6)[2.35.0,2.35.6)[2.36.0,2.36.4)[2.37.0,2.37.5)[2.38.0,2.38.3)[2.39.0,2.39.1)

Information Exposure

[,2.30.6)[2.31.4,2.31.5)[2.32.3,2.32.4)[2.33.4,2.33.5)[2.34.4,2.34.5)[2.35.4,2.35.5)[2.36.2,2.36.3)[2.37.3,2.37.4)[2.38.0,2.38.1)

Information Exposure

[,2.30.6)[2.31.4,2.31.5)[2.32.3,2.32.4)[2.33.4,2.33.5)[2.34.4,2.34.5)[2.35.4,2.35.5)[2.36.2,2.36.3)[2.37.3,2.37.4)[2.38.0,2.38.1)

Improper Ownership Management

[,2.30.5)[2.31.0,2.31.4)[2.32.0,2.32.3)[2.33.0,2.33.4)[2.34.0,2.34.4)[2.35.0,2.35.4)[2.36.0,2.36.2)[2.37.0,2.37.1)

Uncontrolled Search Path Element

[,2.35.2)

Information Exposure

[0,)

Untrusted Search Path

[,2.19.2)

Out-of-Bounds

[,2.4.11)[2.5.0,2.5.5)[2.6.0,2.6.6)[2.7.0,2.7.4)

Cross-site Scripting (XSS)

[,1.7.3.4)

CVE-2015-7082

[,2.5.4)

Access Restriction Bypass

[,1.5.4.7)[1.5.5.0,1.5.5.6)[1.5.6.0,1.5.6.6)[1.6.0.0,1.6.0.6)

Argument Injection

[2.14.0,2.14.5)[2.15.0,2.15.3)[2.16.0,2.16.5)[2.17.0,2.17.2)[2.18.0,2.18.1)[2.19.0,2.19.1)

Insufficiently Protected Credentials

[,2.17.4)[2.18.0,2.18.3)[2.19.0,2.19.4)[2.20.0,2.20.3)[2.21.0,2.21.2)[2.22.0,2.22.3)[2.23.0,2.23.2)[2.24.0,2.24.2)[2.25.0,2.25.3)[2.26.0,2.26.1)

Symlink Attack

[,2.14.3)[2.17.0,2.17.6)[2.18.0,2.18.5)[2.19.0,2.19.6)[2.20.0,2.20.5)[2.21.0,2.21.4)[2.22.0,2.22.5)[2.23.0,2.23.4)[2.24.0,2.24.4)[2.25.0,2.25.5)[2.26.0,2.26.3)[2.29.0,2.29.3)[2.30.0,2.30.2)

Access Restriction Bypass

[,1.5.5)

Remote Code Execution (RCE)

[,1.5.6)

Information Exposure

[2.14.0,2.14.6)[2.15.0,2.15.4)[2.16.0,2.16.6)[2.17.0,2.17.3)[2.18.0,2.18.2)[2.19.0,2.19.3)[2.20.0,2.20.2)[2.21.0,2.21.1)[2.22.0,2.22.2)[2.23.0,2.23.1)[2.24.0,2.24.1)

Out-of-bounds Read

[,2.13.7)[2.14.0,2.14.4)[2.15.0,2.15.2)[2.16.0,2.16.4)

Improper Input Validation

[,2.20.0)[2.21.0,2.21.1)[2.22.0,2.22.2)[2.23.0,2.23.1)[2.24.0,2.24.1)

Resource Management Errors

[1.4.4.5,1.6.3.2]

Out-of-bounds Write

[,1.7.2.1)

CVE-2019-1353

[2.14.0,2.14.6)[2.15.0,2.15.4)[2.16.0,2.16.6)[2.17.0,2.17.3)[2.18.0,2.18.2)[2.19.0,2.19.3)[2.20.0,2.20.2)[2.21.0,2.21.1)[2.22.0,2.22.2)[2.23.0,2.23.1)[2.24.0,2.24.1)

Improper Input Validation

[,2.15.2)

Command Injection

[,2.10.5)

Arbitrary Code Execution