Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
CVSS Score
4.3
EPSS Score
0.135
Published
2010-12-17
The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary commands via shell metacharacters related to git_search.
CVSS Score
7.5
EPSS Score
0.015
Published
2009-01-20
Buffer overflow in git-checkout-index in GIT before 1.1.5 allows remote attackers to execute arbitrary code via an index file with a long symbolic link.
CVSS Score
7.5
EPSS Score
0.067
Published
2006-01-31