6 matches found
CVE-2023-29012
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem ha...
GitHub: CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in current directory, if it exists
...
CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in the current directory, if it exists
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem ha...
CVE-2023-29012
CVE-2023-29012 affects Git for Windows: prior to version 2.40.1, starting Git CMD in an untrusted directory could silently execute a maliciously placed doskey.exe due to a mis-specified search path. The vulnerability is addressed in Git for Windows v2.40.1; remediation is to upgrade. Workarounds ...
CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in the current directory, if it exists
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed doskey.exe would be executed silently upon running Git CMD. The problem ha...
KLA49048 Multiple vulnerabilities in Git for Windows
Multiple vulnerabilities were found in Git for Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds memory access vulnerability can be exploited to cause denial of service and...