Vulnerability Database
Blog
FAQ
Docs
RHSA-2023:0599
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2023:0599
Import Source
https://security.access.redhat.com/data/osv/RHSA-2023:0599.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2023:0599
Related
CVE-2022-23521
CVE-2022-41903
Published
2024-09-13T23:24:30Z
Modified
2024-09-13T23:24:30Z
Severity
9.8 (Critical)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: git security update
Details
References
https://access.redhat.com/errata/RHSA-2023:0599
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2162055
https://bugzilla.redhat.com/show_bug.cgi?id=2162056
https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_0599.json
https://access.redhat.com/security/cve/CVE-2022-23521
https://www.cve.org/CVERecord?id=CVE-2022-23521
https://nvd.nist.gov/vuln/detail/CVE-2022-23521
https://github.blog/2023-01-17-git-security-vulnerabilities-announced-2/
https://github.com/git/git/files/10430260/X41-OSTIF-Gitlab-Git-Security-Audit-20230117-public.pdf
https://github.com/git/git/security/advisories/GHSA-c738-c5qq-xg89
https://www.openwall.com/lists/oss-security/2023/01/17/4
https://access.redhat.com/security/cve/CVE-2022-41903
https://www.cve.org/CVERecord?id=CVE-2022-41903
https://nvd.nist.gov/vuln/detail/CVE-2022-41903
https://github.com/git/git/security/advisories/GHSA-475x-2q3q-hvwq
Affected packages
Red Hat:rhel_e4s:8.1::appstream
/
git
Package
Name
git
Purl
pkg:rpm/redhat/git
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-all
Package
Name
git-all
Purl
pkg:rpm/redhat/git-all
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-core
Package
Name
git-core
Purl
pkg:rpm/redhat/git-core
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-core-debuginfo
Package
Name
git-core-debuginfo
Purl
pkg:rpm/redhat/git-core-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-core-doc
Package
Name
git-core-doc
Purl
pkg:rpm/redhat/git-core-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-daemon
Package
Name
git-daemon
Purl
pkg:rpm/redhat/git-daemon
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-daemon-debuginfo
Package
Name
git-daemon-debuginfo
Purl
pkg:rpm/redhat/git-daemon-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-debuginfo
Package
Name
git-debuginfo
Purl
pkg:rpm/redhat/git-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-debugsource
Package
Name
git-debugsource
Purl
pkg:rpm/redhat/git-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-email
Package
Name
git-email
Purl
pkg:rpm/redhat/git-email
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-gui
Package
Name
git-gui
Purl
pkg:rpm/redhat/git-gui
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-instaweb
Package
Name
git-instaweb
Purl
pkg:rpm/redhat/git-instaweb
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-subtree
Package
Name
git-subtree
Purl
pkg:rpm/redhat/git-subtree
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-svn
Package
Name
git-svn
Purl
pkg:rpm/redhat/git-svn
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
git-svn-debuginfo
Package
Name
git-svn-debuginfo
Purl
pkg:rpm/redhat/git-svn-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
gitk
Package
Name
gitk
Purl
pkg:rpm/redhat/gitk
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
gitweb
Package
Name
gitweb
Purl
pkg:rpm/redhat/gitweb
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
perl-Git
Package
Name
perl-Git
Purl
pkg:rpm/redhat/perl-Git
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
Red Hat:rhel_e4s:8.1::appstream
/
perl-Git-SVN
Package
Name
perl-Git-SVN
Purl
pkg:rpm/redhat/perl-Git-SVN
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.18.4-2.el8_1
RHSA-2023:0599 - OSV