VDB
ALAS2023-2024-623
ALAS2023-2024-623
PUBLISHED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | git |
Exploit Intelligence
- This repository contains a PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation. By crafting repositories with submodules in a specific way, an attacker can exploit symlink handling on case-insensitive filesystems to write files into the .git/ directory, leading to the execution of malicious hooks. (github-poc-repo)
- This repository contains a PoC for exploiting CVE-2024-32002, a vulnerability in Git that allows RCE during a git clone operation. By crafting repositories with submodules in a specific way, an attacker can exploit symlink handling on case-insensitive filesystems to write files into the .git/ directory, leading to the execution of malicious hooks. (github-poc-repo)
- cve-2024-32002 (github-poc-repo)
- Proof of Concept for CVE-2024-32002: Git submodule path injection vulnerability. (github-poc-repo)
- srakkk/cve-2024-32002-hook (github-poc-repo)
- srakkk/cve-2024-32002-demo (github-poc-repo)
- Superproject repo for Backup Exec CVE-2024-32002 exploit (github-poc-repo)
- Submodule repo for Backup Exec CVE-2024-32002 exploit (github-poc-repo)
- hook repo for cve-2024-32002 (github-poc-repo)
- CVE-2024-32002 Private for Capstone Project CC10 (github-poc-repo)
…and 78 more exploits
Timeline
- May 28, 2024 CVE Published
References
- ALAS2023-2024-623: git (important) advisory