Summary
A vulnerability in Git allows for protocol injection during the clone process when bundle URIs are enabled. Due to insufficient validation of advertised bundles, a malicious remote server can trick the Git client into writing fetched bundles to an attacker-controlled location. This can potentially result in arbitrary code execution. USN-7626-1
Impact Details
OS/Product
|
Exposure
|
ExtremeCloud IQ - Site Engine (XIQ-SE)
|
Yes
|
Repair Recommendations
ExtremeCloud IQ - Site Engine (XIQ-SE):
- Fixed in 25.8.10 or later
Please see the full Security Advisory here for more details and future updates.