Lucene search
K

35 matches found

OSV
OSV
added 2023/04/25 8:15 p.m.4 views

ALPINE-CVE-2023-25652

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled contents...

7.5CVSS6.8AI score0.52164EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/25 7:17 p.m.25 views

CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled contents...

7.5CVSS7.8AI score0.52164EPSS
Exploits0References10
FreeBSD
FreeBSD
added 2023/04/25 12:0 a.m.35 views

git -- Multiple vulnerabilities

git developers reports: This update includes 2 security fixes: CVE-2023-25652: By feeding specially crafted input to git apply --reject, a path outside the working tree can be overwritten with partially controlled contents corresponding to the rejected hunks from the given patch CVE-2023-29007: A...

7.8CVSS6.3AI score0.52164EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.16 views

PT-2023-3585 · Git +10 · Git +10

Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.30.9 Git versions prior to 2.31.8 Git versions prior to 2.32.7 Git versions prior to 2.33.8 Git versions prior to 2.34.8 Git versions prior to 2.35.8 Git versions prior to 2.36.6 Git versions prior to 2.37.7 Git versio...

9.8CVSS6.3AI score0.88644EPSS
Exploits46References174
BDU FSTEC
BDU FSTEC
added 2023/03/28 12:0 a.m.7 views

The vulnerability of the distributed Git version control system, related to the improper restriction on the path name of the restricted access directory, allows a violator to re-record any files in the system.

The vulnerability of the distributed Git version control system relates to the input of processed input data—the path outside the working tree may be rewritten by a user who runs “git apply”. Exploiting this vulnerability allows an attacker to rewrite any files in the system at will...

7.8CVSS6.8AI score0.01144EPSS
Exploits3References11Affected Software8
OSV
OSV
added 2023/02/24 9:34 a.m.5 views

CLSA-2023-1677231280 git: Fix of 4 CVEs

CVE-2022-41903: fix out-of-bounds write caused by integer overflow - CVE-2021-40330: forbid newlines in host and path - CVE-2022-39260: reject too long command line strings - CVE-2023-23946: prevent git-apply from writing behind newly created symbolic links...

9.8CVSS7.3AI score0.44268EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2023/02/17 3:59 p.m.44 views

CVE-2023-23946

A vulnerability was found in Git. This security issue occurs when feeding a crafted input to "git apply." A path outside the working tree can be overwritten by the user running "git apply." Mitigation Use git apply --stat to inspect a patch before applying; avoid applying one that creates a...

7.5CVSS7.3AI score0.01144EPSS
Exploits3References5
SUSE CVE
SUSE CVE
added 2023/02/16 3:2 a.m.7 views

SUSE CVE-2023-23946

Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply. A...

5CVSS6.8AI score0.01144EPSS
Exploits3References15
Veracode
Veracode
added 2023/02/15 5:26 a.m.32 views

Path Traversal

git is vulnerable to Path Traversal. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply...

7.5CVSS7.3AI score0.01144EPSS
Exploits3References8Affected Software3
OSV
OSV
added 2023/02/14 8:15 p.m.6 views

DEBIAN-CVE-2023-23946

Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply. A...

7.5CVSS6.8AI score0.01144EPSS
Exploits3References1
Debian CVE
Debian CVE
added 2023/02/14 7:48 p.m.41 views

CVE-2023-23946

Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply. A...

7.5CVSS7.6AI score0.01144EPSS
Exploits3
OSV
OSV
added 2023/02/14 6:0 p.m.6 views

UBUNTU-CVE-2023-23946

Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to git apply, a path outside the working tree can be overwritten as the user who is running git apply. A...

7.5CVSS6.8AI score0.01144EPSS
Exploits3References3
FreeBSD
FreeBSD
added 2023/02/14 12:0 a.m.34 views

git -- "git apply" overwriting paths outside the working tree

git team reports: By feeding a crafted input to "git apply", a path outside the working tree can be overwritten as the user who is running "git apply"...

7.5CVSS7.5AI score0.01144EPSS
Exploits3References1
Oracle linux
Oracle linux
added 2022/07/25 12:0 a.m.72 views

java-1.8.0-openjdk security, bug fix, and enhancement update

1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use 'git apply' with...

7.5CVSS1.3AI score0.17673EPSS
Exploits2
Oracle linux
Oracle linux
added 2022/07/25 12:0 a.m.64 views

java-1.8.0-openjdk security, bug fix, and enhancement update

1:1.8.0.342.b07-1 - Update to shenandoah-jdk8u342-b07 - Update release notes for shenandoah-8u342-b07. - Print release file during build, which should now include a correct SOURCE value from .src-rev - Update tarball script with IcedTea GitHub URL and .src-rev generation - Use 'git apply' with...

7.5CVSS0.5AI score0.17673EPSS
Exploits2
Rows per page
Query Builder