gitweb/gitweb.perl in gitweb in Git 1.6.x before 22.214.171.124, 1.5.6.x before 126.96.36.199, 1.5.5.x before 188.8.131.52, 1.5.4.x before 184.108.40.206, and other versions after 1.4.3 allows local repository owners to execute arbitrary commands by modifying the diff.external configuration variable and executing a crafted gitweb query.
Publish Date : 2009-01-20 Last Update Date : 2017-08-07
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify
a vulnerability or a missing patch. Check out the OVAL definitions
if you want to learn what you should do to verify a vulnerability.