Lucene search
GoogleOSV:CVE-2023-29012HistoryApr 25, 2023 - 9:15 p.m.
CVE-2023-29012
2023-04-2521:15:10
Google
osv.dev
4
git for windows
uncontrolled search path
vulnerability
patched
v2.40.1
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem has been patched in Git for Windows v2.40.1. As a workaround, avoid using Git CMD or, if using Git CMD, avoid starting it in an untrusted directory.
Related
prion
prion
Design/Logic Flaw
2023-04-25 21:15:00
mscve
mscve
cvelist
cvelist
cve
cve
CVE-2023-29012
2023-04-25 21:15:10
nvd
nvd
CVE-2023-29012
2023-04-25 21:15:10
github
github
Git security vulnerabilities announced
2023-04-25 17:13:36
kaspersky
kaspersky
KLA49048 Multiple vulnerabilities in Git for Windows
2023-04-25 00:00:00
KLA50317 Multiple vulnerabilities in Microsoft Developer Tools
2023-06-13 00:00:00
nessus
nessus
Security Updates for Microsoft Visual Studio Products (June 2023)
2023-06-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - June 2023
2023-06-13 20:49:27