CVE-2023-23618 - OpenCVE

Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code. A patch is available in version 2.39.2. As a workaround, avoid using `gitk` (or Git GUI's "Visualize History" functionality) in clones of untrusted repositories.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Git For Windows Project	Git For Windows

Configuration 1 [-]

cpe:2.3:a:git_for_windows_project:git_for_windows:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/git-for-windows/git/commit/49a8ec9dac3cec6602f05fed1b3f80a549c8c05c
https://github.com/git-for-windows/git/releases/tag/v2.39.2.windows.1
https://github.com/git-for-windows/git/security/advisories/GHSA-wxwv-49qw-35pm
https://wiki.tcl-lang.org/page/exec

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-02-14T20:38:04.921Z

Updated: 2024-08-02T10:35:33.594Z

Reserved: 2023-01-16T17:07:46.243Z

Link: CVE-2023-23618

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-02-14T21:15:13.170

Modified: 2023-11-07T04:07:49.843

Link: CVE-2023-23618

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-23618", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-01-16T17:07:46.243Z", "datePublished": "2023-02-14T20:38:04.921Z", "dateUpdated": "2024-08-02T10:35:33.594Z"}, "containers": {"cna": {"title": "gitk can inadvertently call executables in the worktree", "problemTypes": [{"descriptions": [{"cweId": "CWE-426", "lang": "en", "description": "CWE-426: Untrusted Search Path", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/git-for-windows/git/security/advisories/GHSA-wxwv-49qw-35pm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-wxwv-49qw-35pm"}, {"name": "https://github.com/git-for-windows/git/commit/49a8ec9dac3cec6602f05fed1b3f80a549c8c05c", "tags": ["x_refsource_MISC"], "url": "https://github.com/git-for-windows/git/commit/49a8ec9dac3cec6602f05fed1b3f80a549c8c05c"}, {"name": "https://github.com/git-for-windows/git/releases/tag/v2.39.2.windows.1", "tags": ["x_refsource_MISC"], "url": "https://github.com/git-for-windows/git/releases/tag/v2.39.2.windows.1"}, {"name": "https://wiki.tcl-lang.org/page/exec", "tags": ["x_refsource_MISC"], "url": "https://wiki.tcl-lang.org/page/exec"}], "affected": [{"vendor": "git-for-windows", "product": "git", "versions": [{"version": "< 2.39.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-02-14T20:38:04.921Z"}, "descriptions": [{"lang": "en", "value": "Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code. A patch is available in version 2.39.2. As a workaround, avoid using `gitk` (or Git GUI's \"Visualize History\" functionality) in clones of untrusted repositories.\n"}], "source": {"advisory": "GHSA-wxwv-49qw-35pm", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:35:33.594Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/git-for-windows/git/security/advisories/GHSA-wxwv-49qw-35pm", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-wxwv-49qw-35pm"}, {"name": "https://github.com/git-for-windows/git/commit/49a8ec9dac3cec6602f05fed1b3f80a549c8c05c", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/git-for-windows/git/commit/49a8ec9dac3cec6602f05fed1b3f80a549c8c05c"}, {"name": "https://github.com/git-for-windows/git/releases/tag/v2.39.2.windows.1", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/git-for-windows/git/releases/tag/v2.39.2.windows.1"}, {"name": "https://wiki.tcl-lang.org/page/exec", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://wiki.tcl-lang.org/page/exec"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:git_for_windows_project:git_for_windows:*:*:*:*:*:*:*:*", "matchCriteriaId": "613F976A-860B-4267-8364-74D7BC74030D", "versionEndExcluding": "2.39.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, when `gitk` is run on Windows, it potentially runs executables from the current directory inadvertently, which can be exploited with some social engineering to trick users into running untrusted code. A patch is available in version 2.39.2. As a workaround, avoid using `gitk` (or Git GUI's \"Visualize History\" functionality) in clones of untrusted repositories.\n"}], "id": "CVE-2023-23618", "lastModified": "2023-11-07T04:07:49.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2023-02-14T21:15:13.170", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/git-for-windows/git/commit/49a8ec9dac3cec6602f05fed1b3f80a549c8c05c"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/git-for-windows/git/releases/tag/v2.39.2.windows.1"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/git-for-windows/git/security/advisories/GHSA-wxwv-49qw-35pm"}, {"source": "security-advisories@github.com", "tags": ["Not Applicable"], "url": "https://wiki.tcl-lang.org/page/exec"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-426"}], "source": "security-advisories@github.com", "type": "Secondary"}]}