KLA49048
Multiple vulnerabilities in Git for Windows

Updated: 05/16/2023
Detect date: 04/25/2023
Severity: High
Description

Multiple vulnerabilities were found in Git for Windows. Malicious users can exploit these vulnerabilities to cause denial of service or execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Out of bounds memory access vulnerability can be exploited to cause denial of service.
  2. Remote code execution vulnerability can be exploited remotely to execute arbitrary code.
Exploitation

The following public exploits exist for this vulnerability:

https://github.com/ethiack/CVE-2023-29007

https://github.com/x-Defender/CVE-2023-29007_win-version

https://github.com/omespino/CVE-2023-29007

Affected products

Git for Windows earlier than 2.40.1

Solution

Update to the latest version
Git – Downloading Package

Original advisories

Git security vulnerabilities announced

Impacts

ACE

DoS

SB

Related products
Git for Windows
CVE-IDS

CVE-2023-25815  5.0  Critical
CVE-2023-29007  5.0  Critical
CVE-2023-25652  5.0  Critical
CVE-2023-29012  5.0  Critical
CVE-2023-29011  5.0  Critical