Lucene search
UbuntuUSN-5810-1HistoryJan 17, 2023 - 12:00 a.m.
Git vulnerabilities
2023-01-1700:00:00
ubuntu.com
43
ubuntu 22.10
ubuntu 22.04 lts
ubuntu 20.04 lts
ubuntu 18.04 esm
gitattributes
arbitrary code
cve-2022-23521
commands
cve-2022-41903
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.8%
Releases
- Ubuntu 22.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
Packages
- git - fast, scalable, distributed revision control system
Details
Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain
gitattributes. An attacker could possibly use this issue to cause a crash
or execute arbitrary code. (CVE-2022-23521)
Joern Schneeweisz discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-41903)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 22.10 | noarch | git | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-all | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-cvs | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-daemon-run | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-daemon-sysvinit | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-dbgsym | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-doc | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-email | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-gui | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 22.10 | noarch | git-man | < 1:2.37.2-1ubuntu1.2 | UNKNOWN |
Related
amazon
amazon
Important: git
2023-01-31 20:44:00
Important: git
2023-01-30 16:02:00
oraclelinux
oraclelinux
git security update
2023-02-07 00:00:00
git security update
2023-02-07 00:00:00
git security update
2023-02-28 00:00:00
almalinux
almalinux
Important: git security update
2023-02-06 00:00:00
Important: git security update
2023-02-06 00:00:00
osv
osv
Important: git security update
2023-02-06 19:26:44
Important: git security update
2023-02-06 19:25:41
Important: git security update
2023-02-06 00:00:00
nessus
nessus
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Git vulnerabilities (USN-5810-1)
2023-01-17 00:00:00
RHEL 9 : git (RHSA-2023:0611)
2023-02-06 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0108-1)
2023-01-23 00:00:00
Mageia: Security Advisory (MGASA-2023-0033)
2023-03-28 00:00:00
openSUSE: Security Advisory for git (SUSE-SU-2023:0110-1)
2024-03-04 00:00:00
redhat
redhat
(RHSA-2023:0599) Important: git security update
2023-02-06 16:26:37
(RHSA-2023:0628) Important: git security update
2023-02-07 15:33:16
(RHSA-2023:0611) Important: git security update
2023-02-06 19:26:44
ubuntu
ubuntu
Git vulnerabilities
2023-02-07 00:00:00
Git regression
2023-01-19 00:00:00
Git vulnerabilities
2023-03-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package git version 2.33.6-alt1
2023-01-20 00:00:00
hivepro
hivepro
cloudfoundry
cloudfoundry
USN-5810-1: Git vulnerabilities | Cloud Foundry
2023-02-23 00:00:00
USN-5810-2: Git regression | Cloud Foundry
2023-02-24 00:00:00
rocky
rocky
git security update
2023-02-06 19:25:41
git security update
2023-02-06 19:26:44
thn
thn
Git Users Urged to Update Software to Prevent Remote Code Execution Attacks
2023-01-18 09:28:00
Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo
2023-07-25 04:17:00
slackware
slackware
[slackware-security] git
2023-01-18 06:22:27
redos
redos
ROS-20230418-03
2023-04-18 00:00:00
debian
debian
[SECURITY] [DLA 3282-1] git security update
2023-01-26 13:00:35
[SECURITY] [DSA 5332-1] git security update
2023-01-29 16:59:53
mageia
mageia
Updated git packages fix security vulnerability
2023-02-07 03:06:39
fedora
fedora
[SECURITY] Fedora 36 Update: git-2.39.1-1.fc36
2023-01-21 03:44:31
[SECURITY] Fedora 37 Update: git-2.39.1-1.fc37
2023-01-21 03:35:26
rosalinux
rosalinux
Advisory ROSA-SA-2023-2130
2023-03-07 12:33:13
Advisory ROSA-SA-2024-2398
2024-04-11 08:08:00
centos
centos
emacs, git, gitk, gitweb, perl security update
2023-03-01 14:01:43
github
github
Git security vulnerabilities announced
2023-01-17 18:31:50
kaspersky
kaspersky
KLA20182 Multiple vulnerabilities in Git for Windows
2023-01-17 00:00:00
KLA20235 Multiple vulnerabilities in Microsoft Developer Tools
2023-02-14 00:00:00
malwarebytes
malwarebytes
Update now! Two critical flaws in Git's code found, patched
2023-01-19 04:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-3.0-0526
2023-02-03 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0327
2023-02-06 00:00:00
cgr
cgr
CVE-2022-41903 vulnerabilities
2024-05-19 03:07:16
CVE-2022-23521 vulnerabilities
2024-05-19 03:07:16
cve
cve
CVE-2022-41903
2023-01-17 23:15:15
CVE-2022-23521
2023-01-17 23:15:15
cbl_mariner
cbl_mariner
CVE-2022-41903 affecting package git 2.23.4-2
2023-02-14 02:36:00
CVE-2022-23521 affecting package git 2.23.4-2
2023-02-14 02:36:00
CVE-2022-41903 affecting package git for versions less than 2.33.8-2
2023-09-27 18:02:50
cvelist
cvelist
CVE-2022-23521 gitattributes parsing integer overflow in git
2023-01-17 22:17:17
debiancve
debiancve
CVE-2022-41903
2023-01-17 23:15:15
CVE-2022-23521
2023-01-17 23:15:15
redhatcve
redhatcve
CVE-2022-23521
2023-01-18 17:05:12
CVE-2022-41903
2023-02-06 20:54:43
prion
prion
Integer overflow
2023-01-17 23:15:00
Integer overflow
2023-01-17 23:15:00
ubuntucve
ubuntucve
CVE-2022-41903
2023-01-17 00:00:00
CVE-2022-23521
2023-01-17 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in Git [CVE-2022-41903]
2023-04-06 19:28:48
nvd
nvd
CVE-2022-23521
2023-01-17 23:15:15
CVE-2022-41903
2023-01-17 23:15:15
alpinelinux
alpinelinux
CVE-2022-23521
2023-01-17 23:15:15
CVE-2022-41903
2023-01-17 23:15:15
wolfi
wolfi
CVE-2022-41903 vulnerabilities
2024-06-27 21:08:32
CVE-2022-23521 vulnerabilities
2024-06-27 21:08:32
veracode
veracode
Remote Code Execution(RCE)
2023-01-20 20:06:05
Integer Overflow
2023-01-18 20:22:07
freebsd
freebsd
git -- Heap overflow in `git archive`, `git log --format` leading to RCE
2023-01-17 00:00:00
git -- gitattributes parsing integer overflow
2023-01-17 00:00:00
mscve
mscve
GitHub: CVE-2022-23521 gitattributes parsing integer overflow
2023-02-14 08:00:00
gentoo
gentoo
Git: Multiple Vulnerabilities
2023-12-27 00:00:00
cloudlinux
cloudlinux
git: Fix of 4 CVEs
2023-02-24 09:34:40
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
85.8%
Related for USN-5810-1