10 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-25648
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetchremote = 'origin', opts = function, the remo...
[SECURITY] [DLA 3303-1] ruby-git security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-3303-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta January 31, 2023 https://wiki.debian.org/LTS -...
Important: Red Hat Security Advisory: Satellite 6.12 Release
An update is now available for Red Hat Satellite 6.12. The release contains a new version of Satellite and important security fixes for various components. Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring ...
RLSA-2022:8506 Important: Satellite 6.12 Release
Rocky Enterprise Software Foundation Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Security Fixes: netty-codec: Bzip2Decoder doesn't allow setting...
Updated ruby-git packages fix security vulnerability
Command Injection via git argument injection CVE-2022-25648...
CVE-2022-25648
A flaw was found in ruby-git, where the package is vulnerable to command injection via the git argument. This flaw allows an attacker to set additional flags, which leads to performing command injections...
CVE-2022-25648
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetchremote = 'origin', opts = function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform...
CVE-2022-25648 Command Injection
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetchremote = 'origin', opts = function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform...
CVE-2022-25648
CVE-2022-25648 affects the Ruby library ruby-git (Ruby interface to Git). The vulnerability arises from the fetch(remote = 'origin', opts = {}) pathway, where the remote argument is passed to the underlying git fetch command and can be manipulated to inject commands. Several connected advisories ...
CVE-2022-25648
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetchremote = 'origin', opts = function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform...