Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2022-7172

Malicious code in bioql PyPI...

7.8CVSS7.5AI score0.0042EPSS
Exploits1References6
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.26 views

CVE-2022-20001 affecting package fish 3.1.2-4

CVE-2022-20001 affecting package fish 3.1.2-4. This CVE either no longer is or was never applicable...

7.8CVSS8AI score0.01417EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.46 views

Ubuntu 20.04 ESM / 22.04 ESM : fish vulnerability (USN-5367-1)

The remote Ubuntu 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5367-1 advisory. Justin Steven discovered that fish was not properly filtering local git configuration directives when running background git commands. A remote...

7.8CVSS7.7AI score0.01417EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/21 12:0 a.m.21 views

FreeBSD : shells/fish -- arbitrary code execution via git (a3b10c9b-99d9-11ed-aa55-d05099fed512)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a3b10c9b-99d9-11ed-aa55-d05099fed512 advisory. - fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary cod...

7.8CVSS7.5AI score0.01417EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/10/13 12:0 p.m.45 views

Powerline Gitstatus vulnerable to arbitrary code execution

powerline-gitstatus aka Powerline Gitstatus before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs gi...

7.8CVSS7.8AI score0.0042EPSS
Exploits1References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/22 12:0 a.m.39 views

Debian DSA-5234-1 : fish - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5234 advisory. - fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configurati...

7.8CVSS7.5AI score0.01417EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/05/19 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2022-0181)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.7AI score0.01417EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/05/18 12:0 a.m.27 views

Fedora 36 : fish (2022-443c5ec2dd)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-443c5ec2dd advisory. Update to 3.4.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

7.8CVSS7.3AI score0.01417EPSS
Exploits0References2
OSV
OSV
added 2022/05/15 10:6 a.m.5 views

MGASA-2022-0181 Updated fish packages fix security vulnerability

Arbitrary Code Execution. CVE-2022-20001...

7.8CVSS7.6AI score0.01417EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/04/04 12:0 a.m.16 views

Fedora: Security Advisory for fish (FEDORA-2022-443c5ec2dd)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8CVSS7.6AI score0.01417EPSS
Exploits0References2
OSV
OSV
added 2022/03/31 8:2 a.m.3 views

OPENSUSE-SU-2022:0096-1 Security update for fish3

This update for fish3 fixes the following issues: - CVE-2022-20001: Navigating to a compromised git repository may lead to arbitrary code execution bsc1197139...

7.8CVSS7.9AI score0.01417EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/03/14 12:0 a.m.5 views

CVE-2022-20001 Injection in fish

fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing...

7.8CVSS7.9AI score0.01417EPSS
Exploits0References7
CVE
CVE
added 2022/03/14 12:0 a.m.265 views

CVE-2022-20001

CVE-2022-20001 affects fish shell 3.1.0–3.3.1 where changing directories can trigger arbitrary commands via git in per-repository configurations, affecting prompts and git integration when using default config. Root cause is per-repo configuration execution invoked during directory changes (promp...

7.8CVSS7.8AI score0.01417EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder