PT-2016-4079 · Git · Git-Fastclone

Bburky · Published 2016-11-03 · Updated 2020-06-10 · CVE-2015-8968

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: git-fastclone versions prior to 1.0.1

Description: The issue allows for arbitrary shell command execution from .gitmodules. An attacker can exploit this by instructing a user to run a recursive clone from a controlled repository, or by performing a man-in-the-middle (MITM) attack on an unencrypted git clone. The ext command will be executed when the repository is recursively cloned or when submodules are updated. This attack is effective for both local and remote repository clones.

Recommendations: For git-fastclone versions prior to 1.0.1, update to version 1.0.1 or later to resolve the issue. As a temporary workaround, consider avoiding recursive clones and submodule updates from untrusted repositories. Restrict access to the ext command to minimize the risk of exploitation.
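
A pre-clone audit supporting the workaround above, as an added example that is not part of this advisory or of git-fastclone: it reads a .gitmodules file and classifies each submodule URL before any recursive clone or submodule update is run. It assumes the "ext command" refers to git's `ext::` remote-helper URL syntax; the allowlist, the function names and the sample file are constructed for illustration.

```python
import re

# Assumption: only encrypted transports are acceptable for submodules here.
ALLOWED_SCHEMES = {"https", "ssh"}

# Constructed sample .gitmodules (not from a real repository).
SAMPLE_GITMODULES = '''\
[submodule "docs"]
    path = docs
    url = https://example.com/org/docs.git
[submodule "helper"]
    path = helper
    url = ext::placeholder-command
[submodule "legacy"]
    path = legacy
    url = git://example.com/org/legacy.git
'''

SECTION_RE = re.compile(r'^\s*\[submodule\s+"([^"]+)"\]\s*$')
URL_RE = re.compile(r'^\s*url\s*=\s*(.*?)\s*$', re.IGNORECASE)
HELPER_RE = re.compile(r'^([A-Za-z0-9][A-Za-z0-9+.-]*)::')
SCHEME_RE = re.compile(r'^([A-Za-z][A-Za-z0-9+.-]*)://')

def classify_url(url):
    """Return 'allow', 'block' or 'review' for one submodule URL."""
    if HELPER_RE.match(url):
        return "block"      # <helper>:: syntax, which includes ext::
    scheme = SCHEME_RE.match(url)
    if scheme:
        return "allow" if scheme.group(1).lower() in ALLOWED_SCHEMES else "block"
    return "review"         # relative path, scp-style or local path

def audit_gitmodules(text):
    """Map each submodule name to (url, verdict)."""
    results, current = {}, None
    for line in text.splitlines():
        section = SECTION_RE.match(line)
        if section:
            current = section.group(1)
            continue
        url = URL_RE.match(line)
        if url and current is not None:
            results[current] = (url.group(1), classify_url(url.group(1)))
    return results

if __name__ == "__main__":
    for name, (url, verdict) in audit_gitmodules(SAMPLE_GITMODULES).items():
        print(f"{verdict:7} {name:10} {url}")
```

Unencrypted schemes such as git:// and http:// are blocked here because the description names MITM on an unencrypted clone as a delivery path.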

Exploit

Fix

Command Injection

Weakness Enumeration

Related identifiers

CVE-2015-8968
GHSA-8GG6-3R63-25M8

Affected products

Git-Fastclone