A vulnerability was found in Git. This security flaw occurs when renaming or deleting a section from a configuration file, where certain malicious configuration values may be misinterpreted as the beginning of a new configuration section. This flaw leads to arbitrary configuration injection.

References

bugzilla.redhat.com/show_bug.cgi?id=2188338

nvd.nist.gov/vuln/detail/CVE-2023-29007

www.cve.org/CVERecord?id=CVE-2023-29007

ubuntucve 1

nvd 1

prion 1

cgr 1

debiancve 1

wolfi 1

veracode 1

githubexploit 4

mscve 1

cve 1

osv 7

alpinelinux 1

cvelist 1

cnvd 1

oraclelinux 3

redos 1

openvas 21

centos 1

nessus 44

rosalinux 3

cloudlinux 1

redhat 21

ubuntu 2

freebsd 1

amazon 1

fedora 3

cloudfoundry 1

slackware 1

mageia 1

altlinux 1

almalinux 2

github 1

kaspersky 2

rocky 1

gentoo 1

avleonov 1

ibm 1

rapid7blog 1

oracle 1

ubuntucve

CVE-2023-29007

2023-04-25 00:00:00

nvd

CVE-2023-29007

2023-04-25 21:15:10

prion

Design/Logic Flaw

2023-04-25 21:15:00

cgr

CVE-2023-29007 vulnerabilities

2024-05-19 03:07:16

debiancve

CVE-2023-29007

2023-04-25 21:15:10

wolfi

CVE-2023-29007 vulnerabilities

2024-07-05 15:46:04

veracode

Remote Code Execution (RCE)

2023-05-12 17:58:59

githubexploit

Exploit for Injection in Git-Scm Git

2023-05-02 23:47:51

Exploit for Injection in Git-Scm Git

2023-04-26 14:00:11

Exploit for Injection in Git-Scm Git

2023-05-06 13:25:35

mscve

GitHub: CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit`

2023-06-13 07:00:00

cve

CVE-2023-29007

2023-04-25 21:15:10

osv

CVE-2023-29007

2023-04-25 21:15:10

git vulnerabilities

2023-05-17 13:56:26

git vulnerabilities

2023-05-01 09:37:06

alpinelinux

CVE-2023-29007

2023-04-25 21:15:10

cvelist

CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit`

2023-04-25 20:09:52

cnvd

GIT suffers from a service parameter injection vulnerability

2023-05-31 00:00:00

oraclelinux

git security update

2023-05-23 00:00:00

git security update

2023-05-24 00:00:00

git security update

2023-05-23 00:00:00

redos

ROS-20230824-02

2023-08-24 00:00:00

openvas

CentOS: Security Advisory for emacs-git (CESA-2023:3263)

2023-07-30 00:00:00

Ubuntu: Security Advisory (USN-6050-2)

2023-05-18 00:00:00

Fedora: Security Advisory for git (FEDORA-2023-d84a75ea52)

2023-05-02 00:00:00

centos

emacs, git, gitk, gitweb, perl security update

2023-07-27 14:38:52

nessus

CentOS 7 : git (RHSA-2023:3263)

2023-07-28 00:00:00

Ubuntu 16.04 ESM : Git vulnerabilities (USN-6050-2)

2023-05-17 00:00:00

FreeBSD : git -- Multiple vulnerabilities (d2c6173f-e43b-11ed-a1d7-002590f2a714)

2023-04-26 00:00:00

rosalinux

Advisory ROSA-SA-2023-2176

2023-06-27 09:16:21

Advisory ROSA-SA-2023-2292

2023-11-14 13:25:27

Advisory ROSA-SA-2024-2398

2024-04-11 08:08:00

cloudlinux

git: Fix of 2 CVEs

2023-05-11 14:15:13

redhat

(RHSA-2023:3263) Important: git security update

2023-05-23 09:00:35

(RHSA-2023:3247) Important: git security update

2023-05-22 06:39:02

(RHSA-2023:3248) Important: git security update

2023-05-22 06:39:03

ubuntu

Git vulnerabilities

2023-05-17 00:00:00

Git vulnerabilities

2023-05-01 00:00:00

freebsd

git -- Multiple vulnerabilities

2023-04-25 00:00:00

amazon

Medium: git

2023-06-05 16:39:00

fedora

[SECURITY] Fedora 36 Update: git-2.40.1-1.fc36

2023-05-12 02:08:45

[SECURITY] Fedora 38 Update: git-2.40.1-1.fc38

2023-04-28 02:38:56

[SECURITY] Fedora 37 Update: git-2.40.1-1.fc37

2023-05-01 01:29:35

cloudfoundry

USN-6050-1: Git vulnerabilities | Cloud Foundry

2023-06-30 00:00:00

slackware

[slackware-security] git

2023-04-25 21:30:49

mageia

Updated git packages fix security vulnerability

2023-05-06 21:19:07

altlinux

Security fix for the ALT Linux 10 package git version 2.33.8-alt1

2023-05-02 00:00:00

almalinux

Important: git security update

2023-05-22 00:00:00

Important: git security update

2023-05-22 00:00:00

github

Git security vulnerabilities announced

2023-04-25 17:13:36

kaspersky

KLA49048 Multiple vulnerabilities in Git for Windows

2023-04-25 00:00:00

KLA50317 Multiple vulnerabilities in Microsoft Developer Tools

2023-06-13 00:00:00

rocky

git security update

2023-05-25 02:36:20

gentoo

Git: Multiple Vulnerabilities

2023-12-27 00:00:00

avleonov

Microsoft Patch Tuesday June 2023: Edge type confusion, Git RCE, OneNote Spoofing, PGM RCE, Exchange RCE, SharePoint EoP

2023-06-25 00:35:58

ibm

Security Bulletin: IBM QRadar SIEM includes components with known vulnerabilities

2023-10-24 19:01:25

rapid7blog

Patch Tuesday - June 2023

2023-06-13 20:49:27

oracle

Oracle Critical Patch Update Advisory - July 2023

2023-07-18 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.004 Low

EPSS

Percentile

75.0%

JSON

Related for RH:CVE-2023-29007