diff options
| author | Alan Somers <asomers@FreeBSD.org> | 2023-01-21 22:30:29 +0000 |
|---|---|---|
| committer | Alan Somers <asomers@FreeBSD.org> | 2023-01-21 22:42:45 +0000 |
| commit | 15a0ee651699dc551e4e41d3976e68ba1c9e90a9 (patch) | |
| tree | 999d630e7d647c190d70eafffd506ab57b60c5c8 | |
| parent | 65ce3f1684bc6a0457bfc55feb059baf76bbee2a (diff) | |
| download | ports-15a0ee651699dc551e4e41d3976e68ba1c9e90a9.tar.gz ports-15a0ee651699dc551e4e41d3976e68ba1c9e90a9.zip | |
security/vuxml: register shells/fish vulnerability
Arbitrary code execution if the attacker can convince the user to cd to
a directory the attacker controls.
CVE-2022-20001
PR: 263506
| -rw-r--r-- | security/vuxml/vuln/2023.xml | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 30e741f00766..d43c2aa94ef3 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -1,3 +1,47 @@ + <vuln vid="a3b10c9b-99d9-11ed-aa55-d05099fed512"> + <topic>shells/fish -- arbitrary code execution via git</topic> + <affects> + <package> + <name>fish</name> + <range><ge>3.1.0</ge><lt>3.4.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Peter Ammon reports:</p> + <blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2022-20001"> + <p> + fish is a command line shell. fish version 3.1.0 through + version 3.3.1 is vulnerable to arbitrary code execution. + git repositories can contain per-repository + configuration that change the behavior of git, including + running arbitrary commands. When using the default + configuration of fish, changing to a directory + automatically runs git commands in order to display + information about the current repository in the prompt. + If an attacker can convince a user to change their + current directory into one controlled by the attacker, + such as on a shared file system or extracted archive, + fish will run arbitrary commands under the attacker's + control. This problem has been fixed in fish 3.4.0. Note + that running git in these directories, including using + the git tab completion, remains a potential trigger for + this issue. As a workaround, remove the + fish_git_prompt function from the prompt. + </p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2022-20001</cvename> + <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20001</url> + </references> + <dates> + <discovery>2021-12-26</discovery> + <entry>2023-01-21</entry> + </dates> + </vuln> + <vuln vid="dc49f6dc-99d2-11ed-86e9-d4c9ef517024"> <topic>MySQL -- Multiple vulnerabilities</topic> <affects> |