Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521)
Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903)
{ "binaries": [ { "binary_name": "git", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-all", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-cvs", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-daemon-run", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-el", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-email", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-gui", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-man", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-mediawiki", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-svn", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "gitk", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "gitweb", "binary_version": "1:2.17.1-1ubuntu0.14" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "git", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-all", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-cvs", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-daemon-run", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-el", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-email", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-gui", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-man", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-mediawiki", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-svn", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "gitk", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "gitweb", "binary_version": "1:2.25.1-1ubuntu3.7" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "git", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-all", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-cvs", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-daemon-run", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-email", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-gui", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-man", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-mediawiki", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-svn", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "gitk", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "gitweb", "binary_version": "1:2.34.1-1ubuntu1.6" } ], "availability": "No subscription required" }
{ "ecosystem": "Ubuntu:22.04:LTS", "cves": [ { "id": "CVE-2022-23521", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] }, { "id": "CVE-2022-41903", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" }, { "score": "medium", "type": "Ubuntu" } ] } ] }