13 matches found
EUVD-2022-7172
Malicious code in bioql PyPI...
CVE-2022-20001 affecting package fish 3.1.2-4
CVE-2022-20001 affecting package fish 3.1.2-4. This CVE either no longer is or was never applicable...
Ubuntu 20.04 ESM / 22.04 ESM : fish vulnerability (USN-5367-1)
The remote Ubuntu 20.04 ESM / 22.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5367-1 advisory. Justin Steven discovered that fish was not properly filtering local git configuration directives when running background git commands. A remote...
FreeBSD : shells/fish -- arbitrary code execution via git (a3b10c9b-99d9-11ed-aa55-d05099fed512)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a3b10c9b-99d9-11ed-aa55-d05099fed512 advisory. - fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary cod...
Powerline Gitstatus vulnerable to arbitrary code execution
powerline-gitstatus aka Powerline Gitstatus before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs gi...
Debian DSA-5234-1 : fish - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5234 advisory. - fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configurati...
Mageia: Security Advisory (MGASA-2022-0181)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 36 : fish (2022-443c5ec2dd)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-443c5ec2dd advisory. Update to 3.4.1 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
MGASA-2022-0181 Updated fish packages fix security vulnerability
Arbitrary Code Execution. CVE-2022-20001...
Fedora: Security Advisory for fish (FEDORA-2022-443c5ec2dd)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2022:0096-1 Security update for fish3
This update for fish3 fixes the following issues: - CVE-2022-20001: Navigating to a compromised git repository may lead to arbitrary code execution bsc1197139...
CVE-2022-20001 Injection in fish
fish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing...
CVE-2022-20001
CVE-2022-20001 affects fish shell 3.1.0–3.3.1 where changing directories can trigger arbitrary commands via git in per-repository configurations, affecting prompts and git integration when using default config. Root cause is per-repo configuration execution invoked during directory changes (promp...