VDB
CVE-2021-21237
CVE-2021-21237
PUBLISHED
Git LFS can execute a Git binary from the current directory on Windows
EPSS 0.20% · 41.7th percentile
Risk Scores
EPSS Score
0.20%
41.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | git-lfs | 0 |
| Bitnami | git-lfs | 0, 0 |
Exploit Intelligence
- https://github.com/git-lfs/git-lfs/security/advisories/GHSA-cx3w-xqmc-84g5 (circl)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27955 (circl)
- https://github.com/git-lfs/git-lfs/releases/tag/v2.13.2 (circl)
- https://github.com/git-lfs/git-lfs/commit/fc664697ed2c2081ee9633010de0a7f9debea72a (circl)
Timeline
- Jan 15, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27955 url
- https://github.com/git-lfs/git-lfs/commit/fc664697ed2c2081ee9633010de0a7f9debea72a url
- https://github.com/git-lfs/git-lfs/releases/tag/v2.13.2 url
- https://github.com/git-lfs/git-lfs/security/advisories/GHSA-cx3w-xqmc-84g5 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-21237 url