[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

241641

 
 

909

 
 

192372

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

git: data exfiltration with maliciously crafted repository - CVE-2023-22490

ID: oval:org.secpod.oval:def:87850Date: (C)2023-03-07   (M)2024-02-07
Class: VULNERABILITYFamily: unix




A vulnerability was found in Git. Using a specially-crafted repository, Git can be tricked into using its local clone optimization even when using a non-local transport. Though Git will abort local clones whose source $GIT_DIR/objects directory contains symbolic links (CVE-2022-39253), the objects directory may still be a symbolic link.

Platform:
CentOS 7
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Product:
git
Reference:
CVE-2023-22490
CVE    1
CVE-2023-22490
CPE    5
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:8
cpe:/a:git:git
...

© SecPod Technologies