BestHub
search
Sign in
Tag

CVE-2024-32002

0 views collected around this technical thread.

Java Tech Enthusiast
Java Tech Enthusiast
Jun 1, 2024 · Information Security

Git CVE-2024-32002 Remote Code Execution Vulnerability Analysis

The article examines Git CVE‑2024‑32002, a remote‑code‑execution flaw that lets attackers run malicious code simply by cloning a crafted repository, exploiting Git hooks, submodules and case‑insensitive symbolic‑link tricks, and advises users to verify their Git version and update to mitigate the risk.

CVE-2024-32002HooksRCE
0 likes · 9 min read
Git CVE-2024-32002 Remote Code Execution Vulnerability Analysis
Java Tech Enthusiast
Java Tech Enthusiast
May 28, 2024 · Information Security

Remote Code Execution Vulnerability in Git (CVE-2024-32002) Explained

Git’s CVE‑2024‑32002 is a critical remote‑code‑execution flaw where a malicious repository can exploit hooks, submodules, and symlinks on case‑insensitive file systems to inject and run attacker‑controlled scripts during a recursive clone, affecting versions up to 2.45.0 and mitigated by disabling recursive submodule fetching, avoiding untrusted clones, and updating Git.

CVE-2024-32002HooksRCE
0 likes · 9 min read
Remote Code Execution Vulnerability in Git (CVE-2024-32002) Explained