Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources.
{
"cna_assigner": "GitHub_M",
"cwe_ids": [
"CWE-114"
],
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/32xxx/CVE-2024-32004.json"
}{
"source": [
"CPE_RANGE",
"CPE_STRING"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2.39.4"
},
{
"last_affected": "2.44.0"
},
{
"last_affected": "2.45.0"
},
{
"introduced": "2.43.0"
},
{
"fixed": "2.43.4"
}
],
"cpe": [
"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
"cpe:2.3:a:git-scm:git:2.44.0:*:*:*:*:*:*:*",
"cpe:2.3:a:git-scm:git:2.45.0:*:*:*:*:*:*:*"
]
}{
"source": [
"CPE_RANGE",
"CPE_STRING",
"REFERENCES"
],
"extracted_events": [
{
"introduced": "0"
},
{
"fixed": "2.39.4"
},
{
"last_affected": "2.41.0"
},
{
"last_affected": "2.44.0"
},
{
"last_affected": "2.45.0"
},
{
"introduced": "2.40.0"
},
{
"fixed": "2.40.2"
},
{
"introduced": "2.42.0"
},
{
"fixed": "2.42.2"
},
{
"introduced": "2.43.0"
},
{
"fixed": "2.43.4"
}
],
"cpe": [
"cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*",
"cpe:2.3:a:git-scm:git:2.41.0:*:*:*:*:*:*:*",
"cpe:2.3:a:git-scm:git:2.44.0:*:*:*:*:*:*:*",
"cpe:2.3:a:git-scm:git:2.45.0:*:*:*:*:*:*:*"
]
}