Abuse Melding

Je hebt een klacht over de onderstaande posting:

15-05-2024, 15:34 door Alexios

De github.blog pagina geeft zelf aan dat er meerdere kwetsbaarheden zijn: CVE-2024-32002 (Critical, Windows & macOS): Git repositories with submodules can trick Git into executing a hook from the .git/ directory during a clone operation, leading to Remote Code Execution. CVE-2024-32004 (High, multi-user machines): An attacker can craft a local repository that executes arbitrary code when cloned. CVE-2024-32465 (High, all setups): Cloning from .zip files containing Git repositories can bypass protections, potentially executing unsafe hooks. CVE-2024-32020 (Low, multi-user machines): Local clones on the same disk can allow untrusted users to modify hard-linked files in the cloned repository’s object database. CVE-2024-32021 (Low, multi-user machines): Cloning a local repository with symlinks can result in hard-linking to arbitrary files in the objects/ directory.

Beschrijf je klacht (Optioneel):