The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
References
Configurations
History
07 Nov 2023, 02:23
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2015-03-31 14:59
Updated : 2024-02-28 12:20
NVD link : CVE-2014-9706
Mitre link : CVE-2014-9706
CVE.ORG link : CVE-2014-9706
JSON object : View
Products Affected
debian
- debian_linux
dulwich_project
- dulwich
CWE
CWE-19
Data Processing Errors