Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-21284

Git LFS on Windows vulnerable to remote code execution (CVE-2020-27955)

XMLWordPrintable

    • 9.1
    • Critical
    • CVE-2020-27955

      A remote code exeecution vulnerability was recently discovered in Git LFS:

      https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE-2020-27955.html

      Vulnerable git clients that clone a malicious repository are vulnerable to remote code execution.

      Please determine if Bamboo is vulnerable. If it is definitively determined not to be affected, please close this as a false positive. If it is vulnerable, please work on remediating the issue.

            Unassigned Unassigned
            security-metrics-bot Security Metrics Bot
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

              Created:
              Updated:
              Resolved: