Lucene search
Alpine Linux Development TeamALPINE:CVE-2023-25652HistoryApr 25, 2023 - 8:15 p.m.
CVE-2023-25652
2023-04-2520:15:09
Alpine Linux Development Team
security.alpinelinux.org
32
0.002 Low
EPSS
Percentile
58.1%
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using git apply with --reject when applying patches from an untrusted source. Use git apply --stat to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the *.rej file exists.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | git | < 2.40.1-r0 | UNKNOWN |
| Alpine | 3.14-main | noarch | git | < 2.32.7-r0 | UNKNOWN |
| Alpine | 3.15-main | noarch | git | < 2.34.8-r0 | UNKNOWN |
| Alpine | 3.16-main | noarch | git | < 2.36.6-r0 | UNKNOWN |
| Alpine | 3.17-main | noarch | git | < 2.38.5-r0 | UNKNOWN |
| Alpine | 3.18-main | noarch | git | < 2.40.1-r0 | UNKNOWN |
| Alpine | 3.19-main | noarch | git | < 2.40.1-r0 | UNKNOWN |
Related
nessus
nessus
Fedora 37 : git (2023-2c851f43ba)
2023-11-20 00:00:00
Amazon Linux 2 : git (ALAS-2023-2072)
2023-06-08 00:00:00
Oracle Linux 7 : git (ELSA-2023-3263)
2023-05-23 00:00:00
cve
cve
CVE-2023-25652
2023-04-25 20:15:09
ubuntucve
ubuntucve
CVE-2023-25652
2023-04-25 00:00:00
openvas
openvas
Fedora: Security Advisory for git (FEDORA-2023-2c851f43ba)
2023-11-21 00:00:00
Ubuntu: Security Advisory (USN-6050-2)
2023-05-18 00:00:00
CentOS: Security Advisory for emacs-git (CESA-2023:3263)
2023-07-30 00:00:00
redhatcve
redhatcve
CVE-2023-25652
2023-04-26 06:17:51
mscve
mscve
cvelist
cvelist
osv
osv
CVE-2023-25652
2023-04-25 20:15:09
git vulnerabilities
2023-05-17 13:56:26
git vulnerabilities
2023-05-01 09:37:06
veracode
veracode
Path Traversal
2023-05-13 14:50:11
debiancve
debiancve
CVE-2023-25652
2023-04-25 20:15:09
fedora
fedora
[SECURITY] Fedora 37 Update: git-2.42.0-2.fc37
2023-11-21 01:23:08
[SECURITY] Fedora 38 Update: git-2.40.1-1.fc38
2023-04-28 02:38:56
[SECURITY] Fedora 37 Update: git-2.40.1-1.fc37
2023-05-01 01:29:35
cgr
cgr
CVE-2023-25652 vulnerabilities
2024-05-18 03:08:02
prion
prion
Design/Logic Flaw
2023-04-25 20:15:00
wolfi
wolfi
CVE-2023-25652 vulnerabilities
2024-05-18 03:12:40
freebsd
freebsd
git -- Multiple vulnerabilities
2023-04-25 00:00:00
ubuntu
ubuntu
Git vulnerabilities
2023-05-17 00:00:00
Git vulnerabilities
2023-05-01 00:00:00
amazon
amazon
Medium: git
2023-06-05 16:39:00
redhat
redhat
(RHSA-2023:3263) Important: git security update
2023-05-23 09:00:35
(RHSA-2023:3243) Important: git security update
2023-05-22 06:35:08
(RHSA-2023:3280) Important: rh-git227-git security update
2023-05-23 14:38:32
cloudlinux
cloudlinux
git: Fix of 2 CVEs
2023-05-11 14:15:13
rosalinux
rosalinux
Advisory ROSA-SA-2023-2176
2023-06-27 09:16:21
Advisory ROSA-SA-2023-2292
2023-11-14 13:25:27
Advisory ROSA-SA-2024-2398
2024-04-11 08:08:00
oraclelinux
oraclelinux
git security update
2023-05-23 00:00:00
git security update
2023-05-24 00:00:00
git security update
2023-05-23 00:00:00
redos
redos
ROS-20230824-02
2023-08-24 00:00:00
centos
centos
emacs, git, gitk, gitweb, perl security update
2023-07-27 14:38:52
altlinux
altlinux
Security fix for the ALT Linux 10 package git version 2.33.8-alt1
2023-05-02 00:00:00
slackware
slackware
[slackware-security] git
2023-04-25 21:30:49
cloudfoundry
cloudfoundry
USN-6050-1: Git vulnerabilities | Cloud Foundry
2023-06-30 00:00:00
mageia
mageia
Updated git packages fix security vulnerability
2023-05-06 21:19:07
almalinux
almalinux
Important: git security update
2023-05-22 00:00:00
Important: git security update
2023-05-22 00:00:00
kaspersky
kaspersky
KLA49048 Multiple vulnerabilities in Git for Windows
2023-04-25 00:00:00
KLA50317 Multiple vulnerabilities in Microsoft Developer Tools
2023-06-13 00:00:00
github
github
Git security vulnerabilities announced
2023-04-25 17:13:36
rocky
rocky
git security update
2023-05-25 02:36:20
gentoo
gentoo
Git: Multiple Vulnerabilities
2023-12-27 00:00:00
ibm
ibm
rapid7blog
rapid7blog
Patch Tuesday - June 2023
2023-06-13 20:49:27
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00