
ruby-git has potential remote code execution vulnerability

Moderate severity | GitHub Reviewed | Published Jan 9, 2023


Package

bundler git (RubyGems)

Affected versions

>= 1.2.0, < 1.13.0

Patched versions

1.13.0

Description

The git gem, between versions 1.2.0 and 1.12.0, incorrectly parsed the output of the git ls-files command, using eval() to unescape quoted file names. If a file name added to the git repository contained special characters, such as \n, git ls-files would print that file name in quotes with the special characters escaped. When the Git#ls_files method encountered such a quoted file name, it used eval() to unquote and unescape it, so the contents of the file name were evaluated as Ruby code, leading to potential remote code execution. Version 1.13.0 of the git gem was released, which correctly parses any quoted file names.
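The safe parsing that the fix calls for can be shown in a few lines. The code below is an added example and not the git gem's own implementation; the function names and the sample `ls-files` output are constructed for illustration.

```ruby
# Added example, not the git gem's own code: decodes the C-style quoted
# paths `git ls-files` prints for names with special characters
# (core.quotePath) by table lookup and octal arithmetic, never by eval.
GIT_SIMPLE_ESCAPES = {                       # single-character escapes git emits
  'a' => "\a", 'b' => "\b", 't' => "\t", 'n' => "\n", 'v' => "\v",
  'f' => "\f", 'r' => "\r", '\\' => '\\', '"' => '"'
}.freeze

# Turns one line of `git ls-files` output into the file name it denotes.
# Unquoted lines come back unchanged; malformed quoting raises instead of guessing.
def unquote_git_path(line)
  line = line.chomp
  return line unless line.start_with?('"')
  raise ArgumentError, "unterminated quoted path: #{line.inspect}" unless line.length >= 2 && line.end_with?('"')
  body = line[1...-1].b                      # raw bytes; git escapes all non-ASCII
  out = String.new(encoding: Encoding::BINARY)
  i = 0
  while i < body.bytesize
    ch = body[i]
    if ch != '\\'
      out << ch
      i += 1
      next
    end
    nxt = body[i + 1]
    raise ArgumentError, 'dangling backslash in quoted path' if nxt.nil?
    if GIT_SIMPLE_ESCAPES.key?(nxt)
      out << GIT_SIMPLE_ESCAPES[nxt]
      i += 2
    elsif (octal = body[i + 1, 3][/\A[0-7]{1,3}/])
      byte = octal.to_i(8)                   # one raw byte, e.g. \303\251 for "é"
      raise ArgumentError, "octal escape \\#{octal} exceeds one byte" if byte > 255
      out << byte.chr
      i += 1 + octal.length
    else
      raise ArgumentError, "unknown escape \\#{nxt} in quoted path"
    end
  end
  out.force_encoding(Encoding::UTF_8)
end

# Parses the full output of `git ls-files` (one path per line).
def git_ls_files_paths(output)
  output.each_line.map { |l| unquote_git_path(l) }
end

# Constructed sample output, as git would print it for three tracked files.
SAMPLE_LS_FILES = "README.md\n\"evil\\nname.rb\"\n\"caf\\303\\251.txt\"\n"
puts git_ls_files_paths(SAMPLE_LS_FILES).map(&:inspect) if $PROGRAM_NAME == __FILE__
```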

References

  • ruby-git/ruby-git#602
  • https://github.com/ruby-git/ruby-git/releases/tag/v1.13.0
  • https://github.com/rubysec/ruby-advisory-db/blob/master/gems/git/CVE-2022-46648.yml

Severity

Moderate

Weaknesses

No CWEs

CVE ID

CVE-2022-46648

GHSA ID

GHSA-pfpr-3463-c6jh

Source code

ruby-git/ruby-git


Related news

Red Hat Security Advisory 2023-5980-01

Red Hat Security Advisory 2023-5980-01 - Updated Satellite 6.11 packages that fix several bugs are now available for Red Hat Satellite. Issues addressed include code execution and denial of service vulnerabilities.

Red Hat Security Advisory 2023-5979-01

Red Hat Security Advisory 2023-5979-01 - Updated Satellite 6.12 packages that fix important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5931-01

Red Hat Security Advisory 2023-5931-01 - Updated Satellite 6.13 packages that fix important security bugs and several regular bugs are now available for Red Hat Satellite. Issues addressed include code execution and denial of service vulnerabilities.