GHSA-pfpr-3463-c6jh: ruby-git has potential remote code execution vulnerability
ruby-git has potential remote code execution vulnerability
Moderate severity GitHub Reviewed Published Jan 9, 2023
Package
bundler git (RubyGems)
Affected versions
>= 1.2.0, < 1.13.0
Patched versions
1.13.0
Description
The git gem, between versions 1.2.0 and 1.12.0, incorrectly parsed the output of the git ls-files command using eval() to unescape quoted file names. If a file name added to the git repository contained special characters, such as \n, then the git ls-files command would print the file name in double quotes and escape the special characters (C-style quoting, git's default line-oriented output with core.quotePath enabled). If the Git#ls_files method encountered a quoted file name it would use eval() to unquote and unescape the special characters. Because git only escapes double quotes, backslashes, control characters and non-ASCII bytes, characters such as # and { pass through untouched, so a file name containing Ruby interpolation (#{...}) together with one character that forces quoting is evaluated as Ruby code by any application that calls Git#ls_files on an attacker-controlled repository, leading to potential remote code execution. Version 1.13.0 of the git gem was released which correctly parses any quoted file names.
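As an added example (not ruby-git's own code and not part of this advisory), the Ruby below reproduces the quoting git applies to a path in ls-files output, contrasts the eval()-based unquoting described above with a parser that decodes only the C-style escapes git emits, and shows that a file name carrying Ruby interpolation is executed by the former but returned verbatim by the latter. The function names (git_quote_path, unquote_with_eval, unquote_c_style, parse_ls_files_stage), the sample file names and the ls-files line are all constructed for this illustration.

```ruby
# Added example; none of this is ruby-git's code. It reproduces the C-style
# quoting `git ls-files` applies to unusual paths, shows why eval() on that
# quoted field runs attacker-chosen Ruby, and unquotes the field safely instead.
# All function names and sample inputs are constructed for illustration.

# Single-letter escapes git emits, mapped to the byte they stand for.
C_ESCAPES = { 'a' => 0x07, 'b' => 0x08, 't' => 0x09, 'n' => 0x0a, 'v' => 0x0b,
              'f' => 0x0c, 'r' => 0x0d, '"' => 0x22, '\\' => 0x5c }.freeze
C_ESCAPES_INV = C_ESCAPES.invert.freeze

# Bytes that make git quote a path: control, DEL, non-ASCII, '"' and '\'.
def special_byte?(b)
  b < 0x20 || b == 0x7f || b >= 0x80 || b == 0x22 || b == 0x5c
end

# Approximation of git's quoting (core.quotePath=true). Note that '#', '{',
# '}', '$' and '`' are NOT escaped, which is what lets a file name smuggle
# Ruby interpolation into the quoted output unchanged.
def git_quote_path(path)
  return path unless path.bytes.any? { |b| special_byte?(b) }
  out = +'"'
  path.each_byte do |b|
    esc = if C_ESCAPES_INV.key?(b) then '\\' + C_ESCAPES_INV[b]
          elsif special_byte?(b) then format('\\%03o', b)
          else b.chr
          end
    out << esc
  end
  out << '"'
end

def quoted?(field)
  field.length >= 2 && field.start_with?('"') && field.end_with?('"')
end

# The vulnerable pattern: a git-quoted path is also a valid Ruby string
# literal, so eval() "unescapes" it, but it also runs any #{...} inside it.
def unquote_with_eval(field)
  quoted?(field) ? eval(field) : field
end

# Safe replacement: decode exactly the escapes git emits, reject anything else.
def unquote_c_style(field)
  return field unless quoted?(field)
  body = field[1...-1].b
  out = ''.b
  i = 0
  while i < body.bytesize
    b = body.getbyte(i)
    unless b == 0x5c # not a backslash: copy the byte through
      out << b.chr
      i += 1
      next
    end
    nxt = body.getbyte(i + 1)&.chr
    raise ArgumentError, "dangling backslash in #{field.inspect}" if nxt.nil?
    if C_ESCAPES.key?(nxt)
      out << C_ESCAPES[nxt].chr
      i += 2
    elsif body[i + 1, 3] =~ /\A[0-7]{3}\z/
      val = body[i + 1, 3].to_i(8)
      raise ArgumentError, "octal escape out of range in #{field.inspect}" if val > 0xff
      out << val.chr
      i += 4
    else
      raise ArgumentError, "unsupported escape \\#{nxt} in #{field.inspect}"
    end
  end
  out.force_encoding(Encoding::UTF_8)
end

# Parse one line of `git ls-files --stage`: "<mode> <sha> <stage>\t<path>".
# The unquote: keyword selects which unquoting routine is applied to the path.
def parse_ls_files_stage(line, unquote: :unquote_c_style)
  info, file = line.chomp.split("\t", 2)
  mode, sha, stage = info.split(' ')
  { path: send(unquote, file), mode_index: mode, sha_index: sha, stage: stage }
end

# Constructed samples: a benign non-ASCII name, and an attacker-chosen name
# carrying Ruby interpolation plus a newline so that git is forced to quote it.
SHA = 'e69de29bb2d1d6434b8b29ae775ad8c2e48c5391' # object id of the empty blob
BENIGN_NAME = 'résumé.txt'
$payload_executed = false # flipped to true only if the interpolation runs
MALICIOUS_NAME = "evil\#{$payload_executed = true}\n.rb"

def ls_files_line(path)
  "100644 #{SHA} 0\t#{git_quote_path(path)}\n"
end

if $PROGRAM_NAME == __FILE__
  line = ls_files_line(MALICIOUS_NAME)
  puts "git output: #{line.inspect}"
  safe = parse_ls_files_stage(line)
  puts "safe parse: #{safe[:path].inspect}, payload ran? #{$payload_executed}"
  vuln = parse_ls_files_stage(line, unquote: :unquote_with_eval)
  puts "eval parse: #{vuln[:path].inspect}, payload ran? #{$payload_executed}"
end
```

Running the file prints the same quoted line parsed both ways: the safe parser returns the file name exactly as committed, while the eval() path returns "eviltrue\n.rb" because the interpolation has been executed. A further option when consuming ls-files output is `git ls-files -z`, which prints paths verbatim with NUL terminators and no quoting, so no unquoting step is needed at all; the escaping reproduced above is what git produces for its line-oriented output with core.quotePath enabled (the default).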
References
- ruby-git/ruby-git#602
- https://github.com/ruby-git/ruby-git/releases/tag/v1.13.0
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/git/CVE-2022-46648.yml
Severity
Moderate
Weaknesses
No CWEs
CVE ID
CVE-2022-46648
GHSA ID
GHSA-pfpr-3463-c6jh
Source code
ruby-git/ruby-git
Related news
Red Hat Security Advisory 2023-5980-01 - Updated Satellite 6.11 packages that fix several bugs are now available for Red Hat Satellite. Issues addressed include code execution and denial of service vulnerabilities.
Red Hat Security Advisory 2023-5979-01 - Updated Satellite 6.12 packages that fixes important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2023-5931-01 - Updated Satellite 6.13 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include code execution and denial of service vulnerabilities.