CVE-2024-32004

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-32004
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-32004.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-32004
Aliases
Downstream
Related
Published
2024-05-14T18:46:32.192Z
Modified
2025-11-27T19:35:53.385175Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
Git vulnerable to Remote Code Execution while cloning special-crafted local repositories
Details

Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources.

Database specific 
{
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/ee626f5d79d5817bb21d6f048dc0da4c4e383443/cves/2024/32xxx/CVE-2024-32004.json",
    "cwe_ids": [
        "CWE-114"
    ]
}
References

Affected packages

Git / github.com/git/git

Affected ranges

Type
GIT
Repo
https://github.com/git/git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
786a3e4b8d754d2b14b1208b98eeb0a554ef19a8
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "= 2.45.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/git/git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3c2a3fdc388747b9eaf4a4a4f2035c1c9ddb26d0
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "= 2.44.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/git/git
Events
Introduced
564d0252ca632e0264ed670534a51d18a689ef5d
Fixed
1f2e64e22dee75db96b92d526d14003ba59a154e
Database specific 
{
    "versions": [
        {
            "introduced": "2.43.0"
        },
        {
            "fixed": "2.43.4"
        }
    ]
}
Type
GIT
Repo
https://github.com/git/git
Events
Introduced
43c8a30d150ecede9709c1f2527c8fba92c65f40
Fixed
babb4e5d7107ba730beff8d224e4bcf065533e0b
Database specific 
{
    "versions": [
        {
            "introduced": "2.42.0"
        },
        {
            "fixed": "2.42.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/git/git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
fe86abd7511a9a6862d5706c6fa1d9b57a63ba09
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "= 2.41.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/git/git
Events
Introduced
73876f4861cd3d187a4682290ab75c9dccadbc56
Fixed
b9b439e0e3a543ddb920e4cf8d3c9d53f730111f
Database specific 
{
    "versions": [
        {
            "introduced": "2.40.0"
        },
        {
            "fixed": "2.40.2"
        }
    ]
}
Type
GIT
Repo
https://github.com/git/git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
47b6d90e91835082010da926f6a844d4441c57a6
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.39.4"
        }
    ]
}