How severe is CVE-2024-53263?

This vulnerability has a severity rating of HIGH with a CVSS score of N/A out of 10.

What type of vulnerability is CVE-2024-53263?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2024-53263

HIGH Year: 2024

Weakness Type

CWE-74

View all →

Vulnerability Description

Git LFS is a Git extension for versioning large files. When Git LFS requests credentials from Git for a remote host, it passes portions of the host's URL to the `git-credential(1)` command without checking for embedded line-ending control characters, and then sends any credentials it receives back from the Git credential helper to the remote host. By inserting URL-encoded control characters such as line feed (LF) or carriage return (CR) characters into the URL, an attacker may be able to retrieve a user's Git credentials. This problem exists in all previous versions and is patched in v3.6.1. All users should upgrade to v3.6.1. There are no workarounds known at this time.

CVE-2020-26282

CRITICAL

CVSS:10.0(Critical)

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. BrowserUp Proxy works well as a standalone proxy server, but it i...

CWE-742020

CVE-2022-24760

CRITICAL

CVSS:10.0(Critical)

Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution (RCE) vulnerability in Parse Server. This vulnerability affects Parse Server in the...

CWE-742022

CVE-2023-1523

CRITICAL

CVSS:10.0(Critical)

Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap...

CWE-742023

CVE-2023-22527

CRITICAL

CVSS:10.0(Critical)

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version...

CWE-742023

CVE-2023-30547

CRITICAL

CVSS:10.0(Critical)

vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. There exists a vulnerability in exception sanitization of vm2 for versions up to 3.9.16, allowing attackers to ra...

CWE-742023

CVE-2023-32314

CRITICAL

CVSS:10.0(Critical)

vm2 is a sandbox that can run untrusted code with Node's built-in modules. A sandbox escape vulnerability exists in vm2 for versions up to and including 3.9.17. It abuses an unexpected creation of a h...

CWE-742023

CVE-2024-53263

Vulnerability Description

Related Vulnerabilities

CVE-2020-26282

CVE-2022-24760

CVE-2023-1523

CVE-2023-22527

CVE-2023-30547

CVE-2023-32314