Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-21284

Git LFS on Windows vulnerable to remote code execution (CVE-2020-27955)

XMLWordPrintable

    • 9.1
    • Critical
    • CVE-2020-27955

      A remote code exeecution vulnerability was recently discovered in Git LFS:

      https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE-2020-27955.html

      Vulnerable git clients that clone a malicious repository are vulnerable to remote code execution.

      Please determine if Bamboo is vulnerable. If it is definitively determined not to be affected, please close this as a false positive. If it is vulnerable, please work on remediating the issue.

              Unassigned Unassigned
              security-metrics-bot Security Metrics Bot
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: