{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-24765", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2025-12-16T17:47:44.510Z", "dateReserved": "2022-02-10T00:00:00.000Z", "datePublished": "2022-04-12T00:00:00.000Z"}, "containers": {"cna": {"title": "Uncontrolled search for the Git directory in Git for Windows", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-27T10:06:30.486Z"}, "descriptions": [{"lang": "en", "value": "Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\\.git\\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\\Users` if the user profile is located in `C:\\Users\\my-user-name`."}], "affected": [{"vendor": "git-for-windows", "product": "git", "versions": [{"version": "< 2.35.2", "status": "affected"}]}], "references": [{"url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2"}, {"url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash"}, {"url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode"}, {"name": "[oss-security] 20220412 git v2.35.2 and friends for CVE-2022-24765", "tags": ["mailing-list"], "url": "http://www.openwall.com/lists/oss-security/2022/04/12/7"}, {"name": "FEDORA-2022-e99ae504f5", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/"}, {"name": "FEDORA-2022-3759ebabd2", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/"}, {"name": "FEDORA-2022-2fec5f30be", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/"}, {"url": "https://support.apple.com/kb/HT213261"}, {"name": "20220516 APPLE-SA-2022-05-16-8 Xcode 13.4", "tags": ["mailing-list"], "url": "http://seclists.org/fulldisclosure/2022/May/31"}, {"name": "FEDORA-2022-dfd7e7fc0e", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/"}, {"name": "FEDORA-2022-2a5de7cb8b", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/"}, {"name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html"}, {"name": "FEDORA-2023-470c7ea49e", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/"}, {"name": "FEDORA-2023-e3c8abd37e", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/"}, {"name": "FEDORA-2023-1068309389", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/"}, {"name": "FEDORA-2023-3ec32f6d4e", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/"}, {"name": "GLSA-202312-15", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202312-15"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-427: Uncontrolled Search Path Element", "cweId": "CWE-427"}]}], "source": {"advisory": "GHSA-vw2c-22j4-2fh2", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.377Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2", "tags": ["x_transferred"]}, {"url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash", "tags": ["x_transferred"]}, {"url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode", "tags": ["x_transferred"]}, {"name": "[oss-security] 20220412 git v2.35.2 and friends for CVE-2022-24765", "tags": ["mailing-list", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/04/12/7"}, {"name": "FEDORA-2022-e99ae504f5", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/"}, {"name": "FEDORA-2022-3759ebabd2", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/"}, {"name": "FEDORA-2022-2fec5f30be", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/"}, {"url": "https://support.apple.com/kb/HT213261", "tags": ["x_transferred"]}, {"name": "20220516 APPLE-SA-2022-05-16-8 Xcode 13.4", "tags": ["mailing-list", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/May/31"}, {"name": "FEDORA-2022-dfd7e7fc0e", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/"}, {"name": "FEDORA-2022-2a5de7cb8b", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/"}, {"name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html"}, {"name": "FEDORA-2023-470c7ea49e", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/"}, {"name": "FEDORA-2023-e3c8abd37e", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/"}, {"name": "FEDORA-2023-1068309389", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/"}, {"name": "FEDORA-2023-3ec32f6d4e", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/"}, {"name": "GLSA-202312-15", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202312-15"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-16T17:47:32.484278Z", "id": "CVE-2022-24765", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-16T17:47:44.510Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2", "tags": ["x_transferred"]}, {"url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash", "tags": ["x_transferred"]}, {"url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2022/04/12/7", "name": "[oss-security] 20220412 git v2.35.2 and friends for CVE-2022-24765", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/", "name": "FEDORA-2022-e99ae504f5", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/", "name": "FEDORA-2022-3759ebabd2", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/", "name": "FEDORA-2022-2fec5f30be", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://support.apple.com/kb/HT213261", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2022/May/31", "name": "20220516 APPLE-SA-2022-05-16-8 Xcode 13.4", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/", "name": "FEDORA-2022-dfd7e7fc0e", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/", "name": "FEDORA-2022-2a5de7cb8b", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": ["mailing-list", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/", "name": "FEDORA-2023-470c7ea49e", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/", "name": "FEDORA-2023-e3c8abd37e", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/", "name": "FEDORA-2023-1068309389", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/", "name": "FEDORA-2023-3ec32f6d4e", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202312-15", "name": "GLSA-202312-15", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:20:50.377Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-24765", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-12-16T17:47:32.484278Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-20T16:40:49.198Z"}}], "cna": {"title": "Uncontrolled search for the Git directory in Git for Windows", "source": {"advisory": "GHSA-vw2c-22j4-2fh2", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "git-for-windows", "product": "git", "versions": [{"status": "affected", "version": "< 2.35.2"}]}], "references": [{"url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2"}, {"url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash"}, {"url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode"}, {"url": "http://www.openwall.com/lists/oss-security/2022/04/12/7", "name": "[oss-security] 20220412 git v2.35.2 and friends for CVE-2022-24765", "tags": ["mailing-list"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/", "name": "FEDORA-2022-e99ae504f5", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/", "name": "FEDORA-2022-3759ebabd2", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/", "name": "FEDORA-2022-2fec5f30be", "tags": ["vendor-advisory"]}, {"url": "https://support.apple.com/kb/HT213261"}, {"url": "http://seclists.org/fulldisclosure/2022/May/31", "name": "20220516 APPLE-SA-2022-05-16-8 Xcode 13.4", "tags": ["mailing-list"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/", "name": "FEDORA-2022-dfd7e7fc0e", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/", "name": "FEDORA-2022-2a5de7cb8b", "tags": ["vendor-advisory"]}, {"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html", "name": "[debian-lts-announce] 20221213 [SECURITY] [DLA 3239-1] git security update", "tags": ["mailing-list"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/", "name": "FEDORA-2023-470c7ea49e", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/", "name": "FEDORA-2023-e3c8abd37e", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/", "name": "FEDORA-2023-1068309389", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/", "name": "FEDORA-2023-3ec32f6d4e", "tags": ["vendor-advisory"]}, {"url": "https://security.gentoo.org/glsa/202312-15", "name": "GLSA-202312-15", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\\.git\\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\\Users` if the user profile is located in `C:\\Users\\my-user-name`."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-427", "description": "CWE-427: Uncontrolled Search Path Element"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-27T10:06:30.486Z"}}}, "cveMetadata": {"cveId": "CVE-2022-24765", "state": "PUBLISHED", "dateUpdated": "2025-12-16T17:47:44.510Z", "dateReserved": "2022-02-10T00:00:00.000Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2022-04-12T00:00:00.000Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:git-scm:git:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3ACE235-32E1-429A-9A82-628C9D25CADE", "versionEndExcluding": "2.35.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABC5ECCF-B646-4686-AE1E-6F1122B108BB", "versionEndExcluding": "13.4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\\.git\\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\\Users` if the user profile is located in `C:\\Users\\my-user-name`."}, {"lang": "es", "value": "Git para Windows es un fork de Git que contiene parches espec\u00edficos para Windows. Esta vulnerabilidad afecta a usuarios que trabajan en m\u00e1quinas multiusuario, donde partes no confiables presentan acceso de escritura al mismo disco duro. Estas partes no confiables podr\u00edan crear la carpeta \"C:\\.git\", que ser\u00eda recogida por las operaciones de Git ejecutadas supuestamente fuera de un repositorio mientras es buscado un directorio Git. Git respetar\u00eda entonces cualquier configuraci\u00f3n en dicho directorio Git. Los usuarios de Git Bash que configuren \"GIT_PS1_SHOWDIRTYSTATE\" tambi\u00e9n son vulnerables. Los usuarios que hayan instalado posh-git son vulnerables simplemente al iniciar un PowerShell. Los usuarios de IDEs como Visual Studio son vulnerables: la simple creaci\u00f3n de un nuevo proyecto ya leer\u00eda y respetar\u00eda la configuraci\u00f3n especificada en \"C:\\.git\\config\". Los usuarios del fork de Microsoft de Git son vulnerables simplemente al iniciar un Git Bash. El problema ha sido parcheado en Git para Windows versi\u00f3n v2.35.2. Los usuarios que no puedan actualizarse pueden crear la carpeta \".git\" en todas las unidades en las que sean ejecutados comandos de Git, y eliminar el acceso de lectura/escritura de esas carpetas como medida de mitigaci\u00f3n. Como alternativa, defina o ampl\u00ede \"GIT_CEILING_DIRECTORIES\" para que cubra el directorio _parent_ del perfil de usuario, por ejemplo, \"C:\\Users\" si el perfil de usuario es encontrado en \"C:\\Users\\my-user-name\""}], "id": "CVE-2022-24765", "lastModified": "2024-11-21T06:51:02.873", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.2, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-12T18:15:09.390", "references": [{"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/May/31"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/04/12/7"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode"}, {"source": "security-advisories@github.com", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/"}, {"source": "security-advisories@github.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/"}, {"source": "security-advisories@github.com", "url": "https://security.gentoo.org/glsa/202312-15"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213261"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/May/31"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/04/12/7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://git-scm.com/book/en/v2/Appendix-A%3A-Git-in-Other-Environments-Git-in-Bash"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://git-scm.com/docs/git#Documentation/git.txt-codeGITCEILINGDIRECTORIEScode"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00025.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5PTN5NYEHYN2OQSHSAMCNICZNK2U4QH6/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BENQYTDGUL6TF3UALY6GSIEXIHUIYNWM/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDI325LOO2XBDDKLINOAQJEG6MHAURZE/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DIKWISWUDFT2FAITYIA6372BVLH3OOOC/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HVOLER2PIGMHPQMDGG4RDE2KZB74QLA2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SLP42KIZ6HACTVZMZLJLFJQ4W2XYT27M/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRZG5CDUQ27OWTPC5MQOR4UASNXHWEZS/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDZRZAL7QULOB6V7MKT66MOMWJLBJPX4/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YROCMBWYFKRSS64PO6FUNM6L7LKBUKVW/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202312-15"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT213261"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-427"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2023:2859", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "git-0:2.39.1-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2024:0407", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "git-0:2.31.8-1.el8_6", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-01-25T00:00:00Z"}, {"advisory": "RHSA-2023:2319", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "git-0:2.39.1-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}], "bugzilla": {"description": "git: On multi-user machines Git users might find themselves unexpectedly in a Git worktree", "id": "2073414", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2073414"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-427", "details": ["Git for Windows is a fork of Git containing Windows-specific patches. This vulnerability affects users working on multi-user machines, where untrusted parties have write access to the same hard disk. Those untrusted parties could create the folder `C:\\.git`, which would be picked up by Git operations run supposedly outside a repository while searching for a Git directory. Git would then respect any config in said Git directory. Git Bash users who set `GIT_PS1_SHOWDIRTYSTATE` are vulnerable as well. Users who installed posh-gitare vulnerable simply by starting a PowerShell. Users of IDEs such as Visual Studio are vulnerable: simply creating a new project would already read and respect the config specified in `C:\\.git\\config`. Users of the Microsoft fork of Git are vulnerable simply by starting a Git Bash. The problem has been patched in Git for Windows v2.35.2. Users unable to upgrade may create the folder `.git` on all drives where Git commands are run, and remove read/write access from those folders as a workaround. Alternatively, define or extend `GIT_CEILING_DIRECTORIES` to cover the _parent_ directory of the user profile, e.g. `C:\\Users` if the user profile is located in `C:\\Users\\my-user-name`.", "A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This allows the owner of the repository to cause arbitrary commands to be executed by other users who access the repository."], "name": "CVE-2022-24765", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "git", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "git", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-git227-git", "product_name": "Red Hat Software Collections"}], "public_date": "2022-04-12T10:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-24765\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-24765\nhttps://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2"], "threat_severity": "Moderate"}

{}