Closed spawar-apex closed 3 weeks ago
👋 Hi @spawar-apex ! The GitHub Advisory Database only reviews advisories for vulnerabilities in one or more of our supported ecosystems. https://github.com/git/git is not in any supported ecosystem, which means we can't review it at this time. Thank you for your interest in CVE-2024-32002, CVE-2024-32004, CVE-2024-32465, CVE-2024-32020, and CVE-2024-32021 and have a good weekend.
Hi Team,
Recently, Git released new versions to address 5 CVEs and details as shown below:
[CVE-2024-32002 (Critical, Windows & macOS)] [CVE-2024-32004 (High, multi-user machines)] [CVE-2024-32465 (High, all setups)] [CVE-2024-32020 (Low, multi-user machines)] [CVE-2024-32021 (Low, multi-user machines)]
I have integrated GHSA database in our product to validate against the packages in the application.
when I hit the GHSA public API with those CVE-IDs, they return empty.
Could you please share if these vulnerabilities are going to be added.
[1] https://github.blog/2024-05-14-securing-git-addressing-5-new-vulnerabilities/
Regards, Swapnil Pawar