Lucene search
GitHub_MCVELIST:CVE-2023-29012HistoryApr 25, 2023 - 8:44 p.m.
CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in the current directory, if it exists
2023-04-2520:44:05
CWE-427
GitHub_M
raw.githubusercontent.com
2
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem has been patched in Git for Windows v2.40.1. As a workaround, avoid using Git CMD or, if using Git CMD, avoid starting it in an untrusted directory.
Related
prion
prion
Design/Logic Flaw
2023-04-25 21:15:00
mscve
mscve
osv
osv
CVE-2023-29012
2023-04-25 21:15:10
cve
cve
CVE-2023-29012
2023-04-25 21:15:10
kaspersky
kaspersky
KLA49048 Multiple vulnerabilities in Git for Windows
2023-04-25 00:00:00
KLA50317 Multiple vulnerabilities in Microsoft Developer Tools
2023-06-13 00:00:00
github
github
Git security vulnerabilities announced
2023-04-25 17:13:36
nessus
nessus
Security Updates for Microsoft Visual Studio Products (June 2023)
2023-06-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2023
2023-06-13 20:49:27