Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-23521)
Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-41903)
{ "availability": "No subscription required", "binaries": [ { "binary_name": "git", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-all", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-cvs", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-daemon-run", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-el", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-email", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-gui", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-man", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-mediawiki", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "git-svn", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "gitk", "binary_version": "1:2.17.1-1ubuntu0.14" }, { "binary_name": "gitweb", "binary_version": "1:2.17.1-1ubuntu0.14" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "git", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-all", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-cvs", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-daemon-run", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-el", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-email", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-gui", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-man", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-mediawiki", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "git-svn", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "gitk", "binary_version": "1:2.25.1-1ubuntu3.7" }, { "binary_name": "gitweb", "binary_version": "1:2.25.1-1ubuntu3.7" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "git", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-all", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-cvs", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-daemon-run", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-daemon-sysvinit", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-email", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-gui", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-man", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-mediawiki", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "git-svn", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "gitk", "binary_version": "1:2.34.1-1ubuntu1.6" }, { "binary_name": "gitweb", "binary_version": "1:2.34.1-1ubuntu1.6" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:22.04:LTS", "cves": [ { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2022-23521" }, { "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ], "id": "CVE-2022-41903" } ] } }