vulnerability
Alpine Linux: CVE-2016-2315: git path_name() integer truncation and overflow leading to buffer overflow
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | Apr 8, 2016 | Aug 30, 2017 | Oct 30, 2017 |
Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
Apr 8, 2016
Added
Aug 30, 2017
Modified
Oct 30, 2017
Description
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.
Solution
alpine-linux-upgrade-git
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.