vulnerability
CentOS Linux: CVE-2022-25648: Important: Satellite 6.12 Release (CESA-2022:8506)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Apr 19, 2022 | Nov 17, 2022 | May 25, 2023 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Apr 19, 2022
Added
Nov 17, 2022
Modified
May 25, 2023
Description
The package git before 1.11.0 are vulnerable to Command Injection via git argument injection. When calling the fetch(remote = 'origin', opts = {}) function, the remote parameter is passed to the git fetch subcommand in a way that additional flags can be set. The additional flags can be used to perform a command injection.
Solutions
centos-upgrade-foreman-clicentos-upgrade-python39-pulp_manifestcentos-upgrade-rubygem-amazing_printcentos-upgrade-rubygem-apipie-bindingscentos-upgrade-rubygem-clampcentos-upgrade-rubygem-domain_namecentos-upgrade-rubygem-fast_gettextcentos-upgrade-rubygem-fficentos-upgrade-rubygem-ffi-debuginfocentos-upgrade-rubygem-ffi-debugsourcecentos-upgrade-rubygem-foreman_maintaincentos-upgrade-rubygem-gssapicentos-upgrade-rubygem-hammer_clicentos-upgrade-rubygem-hammer_cli_foremancentos-upgrade-rubygem-hammer_cli_foreman_admincentos-upgrade-rubygem-hammer_cli_foreman_ansiblecentos-upgrade-rubygem-hammer_cli_foreman_azure_rmcentos-upgrade-rubygem-hammer_cli_foreman_bootdiskcentos-upgrade-rubygem-hammer_cli_foreman_discoverycentos-upgrade-rubygem-hammer_cli_foreman_openscapcentos-upgrade-rubygem-hammer_cli_foreman_remote_executioncentos-upgrade-rubygem-hammer_cli_foreman_taskscentos-upgrade-rubygem-hammer_cli_foreman_templatescentos-upgrade-rubygem-hammer_cli_foreman_virt_who_configurecentos-upgrade-rubygem-hammer_cli_foreman_webhookscentos-upgrade-rubygem-hammer_cli_katellocentos-upgrade-rubygem-hashiecentos-upgrade-rubygem-highlinecentos-upgrade-rubygem-http-cookiecentos-upgrade-rubygem-jwtcentos-upgrade-rubygem-little-pluggercentos-upgrade-rubygem-localecentos-upgrade-rubygem-loggingcentos-upgrade-rubygem-mime-typescentos-upgrade-rubygem-mime-types-datacentos-upgrade-rubygem-multi_jsoncentos-upgrade-rubygem-netrccentos-upgrade-rubygem-oauthcentos-upgrade-rubygem-powerbarcentos-upgrade-rubygem-rest-clientcentos-upgrade-rubygem-unfcentos-upgrade-rubygem-unf_extcentos-upgrade-rubygem-unf_ext-debuginfocentos-upgrade-rubygem-unf_ext-debugsourcecentos-upgrade-rubygem-unicodecentos-upgrade-rubygem-unicode-debuginfocentos-upgrade-rubygem-unicode-debugsourcecentos-upgrade-rubygem-unicode-display_widthcentos-upgrade-satellite-clicentos-upgrade-satellite-clonecentos-upgrade-satellite-maintain
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.