CVE-2023-29007

Date: 2023-04-25 21:15:10
CWE-74
Source: web.nvd.nist.gov
Tags: git, version, 2.40.1, remote code execution, cve-2023-29007, security vulnerability

CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score: 7.9 High (Confidence: High)

EPSS: 0.004 Low (Percentile: 75.0%)

Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted .gitmodules file with submodule URLs that are longer than 1024 characters can be used to exploit a bug in config.c::git_config_copy_or_rename_section_in_file(). This bug can be used to inject arbitrary configuration into a user's $GIT_DIR/config when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as core.pager, core.editor, core.sshCommand, etc.), this can lead to remote code execution. A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running git submodule deinit on untrusted repositories or without prior inspection of any submodule sections in $GIT_DIR/config.
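A pre-flight check along the lines of the workaround above, written as an added example (not code from the advisory or from git itself): it parses a .gitmodules file for submodule URLs over the 1024-character threshold and lists the executable-specifying keys the advisory names when they appear in a config file. The parser is a simplified reading of git's config syntax, and the sample .gitmodules and config contents are constructed.

```python
"""Pre-flight check for the CVE-2023-29007 workaround: inspect .gitmodules and
$GIT_DIR/config before 'git submodule deinit'. Added example; simplified parser."""
import re

URL_LIMIT = 1024  # threshold named in the advisory
# Executable-specifying keys named in the advisory (section.key, lowercased).
EXEC_KEYS = {"core.pager", "core.editor", "core.sshcommand"}
SECTION_RE = re.compile(r'^\s*\[([A-Za-z0-9.-]+)(?:\s+"((?:[^"\\]|\\.)*)")?\]\s*$')
KEY_RE = re.compile(r'^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*?)\s*$')

def parse_git_config(text):
    """Parse git's INI-like format into {(section, subsection): {key: value}}.
    Section and key names are case-insensitive in git; subsection names are not."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0]  # strip comments (simplified)
        if m := SECTION_RE.match(line):
            current = (m.group(1).lower(), m.group(2))
            sections.setdefault(current, {})
        elif (m := KEY_RE.match(line)) and current is not None:
            sections[current][m.group(1).lower()] = m.group(2)
    return sections

def oversized_submodule_urls(gitmodules_text):
    """Return (submodule name, URL length) for every submodule URL over URL_LIMIT."""
    hits = []
    for (section, name), keys in parse_git_config(gitmodules_text).items():
        url = keys.get("url", "")
        if section == "submodule" and len(url) > URL_LIMIT:
            hits.append((name, len(url)))
    return hits

def risky_exec_keys(config_text):
    """Return dotted names of executable-specifying keys present in a config."""
    found = []
    for (section, _sub), keys in parse_git_config(config_text).items():
        found += [f"{section}.{k}" for k in keys if f"{section}.{k}" in EXEC_KEYS]
    return sorted(found)

# Constructed sample input: one benign submodule and one with an oversized URL.
LONG_URL = "https://example.invalid/" + "a" * 1100  # 1124 characters
SAMPLE_GITMODULES = (
    '[submodule "lib"]\n\tpath = lib\n\turl = https://example.invalid/lib.git\n'
    '[submodule "evil"]\n\tpath = evil\n\turl = ' + LONG_URL + '\n'
)
SAMPLE_CONFIG = '[core]\n\tpager = some-command\n[submodule "lib"]\n\turl = https://example.invalid/lib.git\n'

if __name__ == "__main__":
    print("oversized submodule URLs:", oversized_submodule_urls(SAMPLE_GITMODULES))
    print("executable-specifying keys:", risky_exec_keys(SAMPLE_CONFIG))
```

Run it against a checkout's .gitmodules and .git/config before deinit; any oversized URL or unexpected executable-specifying key is a reason to inspect the repository by hand first.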

Affected configurations

Vulners / NVD node (vendor git, product git), any of:
  < 2.30.9
  OR >= 2.31.0, < 2.31.8
  OR >= 2.32.0, < 2.32.7
  OR >= 2.33.0, < 2.33.8
  OR >= 2.34.0, < 2.34.8
  OR >= 2.35.0, < 2.35.8
  OR >= 2.36.0, < 2.36.6
  OR >= 2.37.0, < 2.37.7
  OR >= 2.38.0, < 2.38.5
  OR >= 2.39.0, < 2.39.3
  OR >= 2.40.0, < 2.40.1

Vendor  Product  Version  CPE
git     git      *        cpe:2.3:a:git:git:*:*:*:*:*:*:*:*
(10 of 111 CPE rows were shown on the page, all identical to this one)

CNA Affected

[
  {
    "vendor": "git",
    "product": "git",
    "versions": [
      {
        "version": "< 2.30.9",
        "status": "affected"
      },
      {
        "version": ">= 2.31.0, < 2.31.8",
        "status": "affected"
      },
      {
        "version": ">= 2.32.0, < 2.32.7",
        "status": "affected"
      },
      {
        "version": ">= 2.33.0, < 2.33.8",
        "status": "affected"
      },
      {
        "version": ">= 2.34.0, < 2.34.8",
        "status": "affected"
      },
      {
        "version": ">= 2.35.0, < 2.35.8",
        "status": "affected"
      },
      {
        "version": ">= 2.36.0, < 2.36.6",
        "status": "affected"
      },
      {
        "version": ">= 2.37.0, < 2.37.7",
        "status": "affected"
      },
      {
        "version": ">= 2.38.0, < 2.38.5",
        "status": "affected"
      },
      {
        "version": ">= 2.39.0, < 2.39.3",
        "status": "affected"
      },
      {
        "version": ">= 2.40.0, < 2.40.1",
        "status": "affected"
      }
    ]
  }
]
