Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA20184
Multiple vulnerabilities in Git for Windows

Обновлено: 16/05/2023
Дата обнаружения
 18/10/2022
Уровень угрозы
 High
Описание

Multiple vulnerabilities were found in Git for Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. Information disclosure vulnerability in Git can be exploited remotely to obtain sensitive information.
  2. Integer overflow vulnerability in git shell can be exploited to execute arbitrary code.
Эксплуатация

The following public exploits exists for this vulnerability:

https://github.com/HiImDarwin/NetworkSecurityFinalProject
Пораженные продукты

Git for Windows earlier than 2.38.1
Решение

Update to the latest version
Git — Downloading Package
Первичный источник обнаружения
 Git security vulnerabilities announced
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

SB 
[?]
Связанные продукты
 Git for Windows
CVE-IDS
CVE-2022-392535.0Critical
CVE-2022-392605.0Critical
Узнай статистику распространения уязвимостей в твоем регионе
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up