CVE-2023-23946
published 2023-02-14

Priority: P341 | high | 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS: 1.14% (62.7th percentile)

Git, a revision control system, is vulnerable to path traversal prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8. By feeding a crafted input to `git apply`, a path outside the working tree can be overwritten as the user who is running `git apply`. A fix has been prepared and will appear in v2.39.2, v2.38.4, v2.37.6, v2.36.5, v2.35.7, v2.34.7, v2.33.7, v2.32.6, v2.31.7, and v2.30.8. As a workaround, use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a symbolic link and then creates a file beyond the symbolic link.

Affected

35 ranges · showing 25

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | git | < git 1:2.39.2-1 (bookworm) | git 1:2.39.2-1 (bookworm) |
| git-scm | git | < 2.30.8 | 2.30.8 |
| git-scm | git | >= 2.31.0 < 2.31.7 | 2.31.7 |
| git-scm | git | >= 2.32.0 < 2.32.6 | 2.32.6 |
| git-scm | git | >= 2.33.0 < 2.33.7 | 2.33.7 |
| git-scm | git | >= 2.34.0 < 2.34.7 | 2.34.7 |
| git-scm | git | >= 2.35.0 < 2.35.7 | 2.35.7 |
| git-scm | git | >= 2.36.0 < 2.36.5 | 2.36.5 |
| git-scm | git | >= 2.37.0 < 2.37.6 | 2.37.6 |
| git-scm | git | >= 2.38.0 < 2.38.4 | 2.38.4 |
| git-scm | git | >= 2.39.0 < 2.39.2 | 2.39.2 |
| git | git | < 2.30.8 | 2.30.8 |
| git | git | | |
| git | git | | |
| git | git | | |
| git | git | | |
| git | git | | |
| git | git | | |
| git | git | | |
| git | git | | |
| git | git | | |
| git | git | >= 0 < 1:2.30.2-1+deb11u2 | 1:2.30.2-1+deb11u2 |
| git | git | >= 0 < 1:2.39.2-1 | 1:2.39.2-1 |
| git | git | >= 0 < 1:2.39.2-1 | 1:2.39.2-1 |
| git | git | >= 0 < 1:2.39.2-1 | 1:2.39.2-1 |

CVSS provenance

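| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
| osv | | 7.5 | HIGH | |
| vendor_debian | | 6.2 | MEDIUM | |
| vendor_msrc | | 6.2 | HIGH | |
| vendor_redhat | | 6.2 | MEDIUM | |
| vendor_ubuntu | | 5.5 | MEDIUM | |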