cancel
Showing results for 
Search instead for 
Did you mean: 
SamPirok
Community Manager Community Manager
Community Manager

Summary

A vulnerability in Git allows for protocol injection during the clone process when bundle URIs are enabled. Due to insufficient validation of advertised bundles, a malicious remote server can trick the Git client into writing fetched bundles to an attacker-controlled location. This can potentially result in arbitrary code execution. USN-7626-1

 

Impact Details

OS/Product

Exposure

ExtremeCloud IQ - Site Engine (XIQ-SE)

Yes

 

Repair Recommendations

ExtremeCloud IQ - Site Engine (XIQ-SE):

  • Fixed in 25.8.10 or later

Please see the full Security Advisory here for more details and future updates. 

GTM-P2G8KFN