KLA20182
Multiple vulnerabilities in Git for Windows

Обновлено: 16/05/2023
Дата обнаружения
17/01/2023
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Git for Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Integer overflow vulnerability can be exploited to execute arbitrary code.
  2. Remote code execution vulnerability in Git GUI can be exploited to execute arbitrary code.
Эксплуатация

The following public exploits exists for this vulnerability:

https://github.com/sondermc/git-cveissues

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Пораженные продукты

Git for Windows earlier than 2.39.1

Решение

Update to the latest version
Git — Downloading Package

Первичный источник обнаружения
Git security vulnerabilities announced
Оказываемое влияние
?
ACE 
[?]

SB 
[?]

PE 
[?]

SUI 
[?]
Связанные продукты
Git for Windows
CVE-IDS
CVE-2022-419035.0Critical
CVE-2022-419535.0Critical
CVE-2022-235215.0Critical
Узнай статистику распространения уязвимостей в твоем регионе