Security Advisory

CVE-2014-9706

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-03-31 14:00:00

Last updated 2024-08-06 13:55:04

Assigner debian

State PUBLISHED

Description

The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.

← Browse all CVEs View on cve.org ↗