{"id":"CVE-2018-11235","details":"In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs \"git clone --recurse-submodules\" because submodule \"names\" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with \"../\" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server.","modified":"2026-04-16T01:44:24.029344960Z","published":"2018-05-30T04:29:00.287Z","related":["SUSE-SU-2018:1566-1","SUSE-SU-2018:1566-2","SUSE-SU-2018:1872-1","SUSE-SU-2018:2469-1","SUSE-SU-2018:3440-1","SUSE-SU-2020:1121-1","openSUSE-SU-2020:0598-1","openSUSE-SU-2024:10786-1","openSUSE-SU-2024:10943-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"14.04"}],"cpe":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"16.04"}],"cpe":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"17.10"}],"cpe":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"18.04"}],"cpe":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"8.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"9.0"}],"cpe":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"extracted_events":[{"last_affected":"7.0"}],"source":"CPE_FIELD","cpe":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.0"}],"cpe":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.0"}],"cpe":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.5"}],"cpe":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7.0"}],"cpe":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"}]},"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/104345"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1040991"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:1957"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:2147"},{"type":"ADVISORY","url":"https://marc.info/?l=git&m=152761328506724&w=2"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201805-13"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3671-1/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4212"},{"type":"FIX","url":"https://blogs.msdn.microsoft.com/devops/2018/05/29/announcing-the-may-2018-git-security-vulnerability/"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/44822/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/git/git","events":[{"introduced":"0"},{"last_affected":"42e6fde5c28150206956ea4be490d886c4ecbd68"},{"last_affected":"468165c1d8a442994a825f3684528361727cd8c0"},{"last_affected":"fc54c1af3ec09bab8b8ea09768c2da4069b7f53e"},{"introduced":"4384e3cde2ce8ecd194202e171ae16333d241326"},{"last_affected":"fc849d8d6b90e5c1e0c37bc0d60dd92b2fe7347f"},{"introduced":"cb5918aa0d50f50e83787f65c2ddc3dcb10159fe"},{"last_affected":"9b185bef0c15cec1ea8753ce091e42ea041f2c31"},{"introduced":"2512f15446149235156528dafbe75930c712b29e"},{"last_affected":"d32eb83c1db7d0a8bb54fe743c6d1dd674d372c5"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"2.13.6"},{"last_affected":"2.17.0"},{"last_affected":"2.17.1"},{"introduced":"2.14.0"},{"last_affected":"2.14.3"},{"introduced":"2.15.0"},{"last_affected":"2.15.1"},{"introduced":"2.16.0"},{"last_affected":"2.16.3"}],"cpe":["cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*","cpe:2.3:a:git-scm:git:2.17.0:*:*:*:*:*:*:*","cpe:2.3:a:gitforwindows:git:*:*:*:*:*:*:*:*"]}}],"versions":["v0.99","v0.99.1","v0.99.2","v0.99.3","v0.99.4","v0.99.5","v0.99.6","v0.99.7","v0.99.8","v0.99.8a","v0.99.8b","v0.99.8c","v0.99.8d","v0.99.8e","v0.99.8f","v0.99.8g","v0.99.9a","v0.99.9b","v0.99.9c","v0.99.9d","v0.99.9e","v0.99.9f","v0.99.9g","v0.99.9h","v0.99.9i","v0.99.9j","v0.99.9k","v0.99.9l","v0.99.9m","v0.99.9n","v1.0.0","v1.0rc1","v1.0rc2","v1.0rc3","v1.0rc4","v1.0rc5","v1.0rc6","v1.1.0","v1.2.0","v1.3.0-rc1","v1.4.1","v1.4.1-rc1","v1.4.1-rc2","v1.4.2","v1.4.2-rc1","v1.4.2-rc2","v1.4.2-rc3","v1.4.2-rc4","v1.4.3","v1.4.3-rc1","v1.4.3-rc2","v1.4.3-rc3","v1.4.4","v1.4.4-rc1","v1.4.4-rc2","v1.4.4.1","v1.5.0","v1.5.0-rc0","v1.5.0-rc1","v1.5.0-rc2","v1.5.0-rc3","v1.5.0-rc4","v1.5.1","v1.5.1-rc1","v1.5.1-rc2","v1.5.1-rc3","v1.5.2","v1.5.2-rc0","v1.5.2-rc1","v1.5.2-rc2","v1.5.2-rc3","v1.5.3","v1.5.3-rc0","v1.5.3-rc1","v1.5.3-rc2","v1.5.3-rc3","v1.5.3-rc4","v1.5.3-rc5","v1.5.3-rc6","v1.5.3-rc7","v1.5.3.1","v1.5.4","v1.5.4-rc0","v1.5.4-rc1","v1.5.4-rc2","v1.5.4-rc3","v1.5.4-rc4","v1.5.4-rc5","v1.5.5","v1.5.5-rc0","v1.5.5-rc1","v1.5.5-rc2","v1.5.5-rc3","v1.5.6","v1.5.6-rc0","v1.5.6-rc1","v1.5.6-rc2","v1.5.6-rc3","v1.6.0","v1.6.0-rc0","v1.6.0-rc1","v1.6.0-rc2","v1.6.0-rc3","v1.6.1","v1.6.1-rc1","v1.6.1-rc2","v1.6.1-rc3","v1.6.1-rc4","v1.6.2","v1.6.2-rc0","v1.6.2-rc1","v1.6.2-rc2","v1.6.3","v1.6.3-rc0","v1.6.3-rc1","v1.6.3-rc2","v1.6.3-rc3","v1.6.3-rc4","v1.6.4","v1.6.4-rc0","v1.6.4-rc1","v1.6.4-rc2","v1.6.4-rc3","v1.6.5","v1.6.5-rc0","v1.6.5-rc1","v1.6.5-rc2","v1.6.5-rc3","v1.6.6","v1.6.6-rc0","v1.6.6-rc1","v1.6.6-rc2","v1.6.6-rc3","v1.6.6-rc4","v1.7.0","v1.7.0-rc0","v1.7.0-rc1","v1.7.0-rc2","v1.7.1","v1.7.1-rc0","v1.7.1-rc1","v1.7.1-rc2","v1.7.10","v1.7.10-rc0","v1.7.10-rc1","v1.7.10-rc2","v1.7.10-rc3","v1.7.10-rc4","v1.7.11","v1.7.11-rc0","v1.7.11-rc1","v1.7.11-rc2","v1.7.11-rc3","v1.7.12","v1.7.12-rc0","v1.7.12-rc1","v1.7.12-rc2","v1.7.12-rc3","v1.7.2","v1.7.2-rc0","v1.7.2-rc1","v1.7.2-rc2","v1.7.2-rc3","v1.7.3","v1.7.3-rc0","v1.7.3-rc1","v1.7.3-rc2","v1.7.3.1","v1.7.4","v1.7.4-rc0","v1.7.4-rc1","v1.7.4-rc2","v1.7.4-rc3","v1.7.5","v1.7.5-rc0","v1.7.5-rc1","v1.7.5-rc2","v1.7.5-rc3","v1.7.6","v1.7.6-rc0","v1.7.6-rc1","v1.7.6-rc2","v1.7.6-rc3","v1.7.7","v1.7.7-rc0","v1.7.7-rc1","v1.7.7-rc2","v1.7.7-rc3","v1.7.8","v1.7.8-rc0","v1.7.8-rc1","v1.7.8-rc2","v1.7.8-rc3","v1.7.8-rc4","v1.7.9","v1.7.9-rc0","v1.7.9-rc1","v1.7.9-rc2","v1.8.0","v1.8.0-rc0","v1.8.0-rc1","v1.8.0-rc2","v1.8.0-rc3","v1.8.1","v1.8.1-rc0","v1.8.1-rc1","v1.8.1-rc2","v1.8.1-rc3","v1.8.2","v1.8.2-rc0","v1.8.2-rc1","v1.8.2-rc2","v1.8.2-rc3","v1.8.3","v1.8.3-rc0","v1.8.3-rc1","v1.8.3-rc2","v1.8.3-rc3","v1.8.4","v1.8.4-rc0","v1.8.4-rc1","v1.8.4-rc2","v1.8.4-rc3","v1.8.4-rc4","v1.8.5","v1.8.5-rc0","v1.8.5-rc1","v1.8.5-rc2","v1.8.5-rc3","v1.9-rc0","v1.9-rc1","v1.9-rc2","v1.9.0","v1.9.0-rc3","v2.0.0","v2.0.0-rc0","v2.0.0-rc1","v2.0.0-rc2","v2.0.0-rc3","v2.0.0-rc4","v2.1.0","v2.1.0-rc0","v2.1.0-rc1","v2.1.0-rc2","v2.10.0","v2.10.0-rc0","v2.10.0-rc1","v2.10.0-rc2","v2.11.0","v2.11.0-rc0","v2.11.0-rc1","v2.11.0-rc2","v2.11.0-rc3","v2.12.0","v2.12.0-rc0","v2.12.0-rc1","v2.12.0-rc2","v2.13.0","v2.13.0-rc0","v2.13.0-rc1","v2.13.0-rc2","v2.13.1","v2.13.2","v2.13.3","v2.13.4","v2.13.5","v2.13.6","v2.14.0","v2.14.1","v2.14.2","v2.14.3","v2.15.0","v2.15.1","v2.16.0","v2.16.1","v2.16.2","v2.16.3","v2.17.0","v2.17.0-rc0","v2.17.0-rc1","v2.17.0-rc2","v2.17.1","v2.2.0","v2.2.0-rc0","v2.2.0-rc1","v2.2.0-rc2","v2.2.0-rc3","v2.3.0","v2.3.0-rc0","v2.3.0-rc1","v2.3.0-rc2","v2.4.0","v2.4.0-rc0","v2.4.0-rc1","v2.4.0-rc2","v2.4.0-rc3","v2.5.0","v2.5.0-rc0","v2.5.0-rc1","v2.5.0-rc2","v2.5.0-rc3","v2.6.0","v2.6.0-rc0","v2.6.0-rc1","v2.6.0-rc2","v2.6.0-rc3","v2.7.0","v2.7.0-rc0","v2.7.0-rc1","v2.7.0-rc2","v2.7.0-rc3","v2.8.0","v2.8.0-rc0","v2.8.0-rc1","v2.8.0-rc2","v2.8.0-rc3","v2.8.0-rc4","v2.9.0","v2.9.0-rc0","v2.9.0-rc1","v2.9.0-rc2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-11235.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}