Loading...

XML

Word

Printable

Details

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 7.2.2
Affects Version/s: 7.2.1
Component/s: None
Labels:

CVSS Score:
9.1
CVSS Severity:
Critical
CVE ID:
CVE-2020-27955

Description

A remote code exeecution vulnerability was recently discovered in Git LFS:

https://legalhackers.com/advisories/Git-LFS-RCE-Exploit-CVE-2020-27955.html

Vulnerable git clients that clone a malicious repository are vulnerable to remote code execution.

Please determine if Bamboo is vulnerable. If it is definitively determined not to be affected, please close this as a false positive. If it is vulnerable, please work on remediating the issue.

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(1 mentioned in)

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 26/Mar/2021 5:02 PM

Updated:: 13/Dec/2023 5:37 PM

Resolved:: 07/Apr/2021 4:58 PM