git: data exfiltration with maliciously crafted repository - CVE-2023-22490ID: oval:org.secpod.oval:def:87850 | Date: (C)2023-03-07 (M)2024-02-07 |
Class: VULNERABILITY | Family: unix |
A vulnerability was found in Git. Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links (CVE-2022-39253), the objects directory may still be a symbolic link.
Platform: |
CentOS 7 |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 7 |