Количество 15
Количество 15
CVE-2023-25652
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
CVE-2023-25652
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
CVE-2023-25652
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.
CVE-2023-25652
GitHub: CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write
CVE-2023-25652
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2. ...
BDU:2023-03859
Уязвимость распределенной системы управления версиями Git, связанная с недостатками ограничения имени пути к каталогу, позволяющая нарушителю оказать воздействие на целостность данных
ELSA-2023-3263
ELSA-2023-3263: git security update (IMPORTANT)
SUSE-SU-2023:2081-1
Security update for git
SUSE-SU-2023:2062-1
Security update for git
SUSE-SU-2023:2038-2
Security update for git
SUSE-SU-2023:2038-1
Security update for git
ROS-20230824-02
Множественные уязвимости Git
RLSA-2023:3246
Important: git security update
ELSA-2023-3246
ELSA-2023-3246: git security update (IMPORTANT)
ELSA-2023-3245
ELSA-2023-3245: git security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-25652 Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists. | CVSS3: 7.5 | 4% Низкий | около 2 лет назад |
 | CVE-2023-25652 Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists. | CVSS3: 7.5 | 4% Низкий | около 2 лет назад |
 | CVE-2023-25652 Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists. | CVSS3: 7.5 | 4% Низкий | около 2 лет назад |
 | CVE-2023-25652 GitHub: CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write | 4% Низкий | около 2 лет назад | |
| CVE-2023-25652 Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2. ... | CVSS3: 7.5 | 4% Низкий | около 2 лет назад |
 | BDU:2023-03859 Уязвимость распределенной системы управления версиями Git, связанная с недостатками ограничения имени пути к каталогу, позволяющая нарушителю оказать воздействие на целостность данных | CVSS3: 7.5 | 4% Низкий | около 2 лет назад |
| ELSA-2023-3263 ELSA-2023-3263: git security update (IMPORTANT) | около 2 лет назад | ||
 | SUSE-SU-2023:2081-1 Security update for git | около 2 лет назад | ||
| SUSE-SU-2023:2062-1 Security update for git | около 2 лет назад | ||
| SUSE-SU-2023:2038-2 Security update for git | около 2 лет назад | ||
| SUSE-SU-2023:2038-1 Security update for git | около 2 лет назад | ||
 | ROS-20230824-02 Множественные уязвимости Git | CVSS3: 7.8 | почти 2 года назад | |
 | RLSA-2023:3246 Important: git security update | около 2 лет назад | ||
| ELSA-2023-3246 ELSA-2023-3246: git security update (IMPORTANT) | около 2 лет назад | ||
| ELSA-2023-3245 ELSA-2023-3245: git security update (IMPORTANT) | около 2 лет назад |
Уязвимостей на страницу