RLSA-2023:3246 Important: git security update

🗓️ 25 May 2023 02:36:20Reported by GoogleType

osv

osv🔗 osv.dev👁 29 Views

Git decentralized repository security update

Reporter	Title	Published	Views	Family All 427
GithubExploit	Exploit for Path Traversal in Git-Scm Git	16 May 202617:08	–	githubexploit
GithubExploit	Exploit for Injection in Git-Scm Git	26 Apr 202314:00	–	githubexploit
GithubExploit	Exploit for Path Traversal in Git-Scm Git	7 Sep 202310:07	–	githubexploit
GithubExploit	Exploit for Injection in Git-Scm Git	6 May 202313:25	–	githubexploit
GithubExploit	Exploit for Improper Restriction of XML External Entity Reference in Cisco Secure_Endpoint	7 Apr 202605:08	–	githubexploit
FreeBSD	git -- "git apply" overwriting paths outside the working tree	14 Feb 202300:00	–	freebsd
FreeBSD	git -- Local clone-based data exfiltration with non-local transports	14 Feb 202300:00	–	freebsd
FreeBSD	git -- Multiple vulnerabilities	25 Apr 202300:00	–	freebsd
ALT Linux	Security fix for the ALT Linux 10 package git version 2.33.7-alt1	20 Feb 202300:00	–	altlinux
ALT Linux	Security fix for the ALT Linux 10 package git version 2.33.8-alt1	2 May 202300:00	–	altlinux

Source	Link
errata	www.errata.rockylinux.org/RLSA-2023:3246
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

04 Feb 2026 23:00Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.5 - 7.8

EPSS0.03559

SSVC

git security fix decentralized architecture cve-2023-25652 cve-2023-29007 cve-2023-22490 cve-2023-23946 cve-2023-25815 data exfiltration configuration injection crafted input