Michael Paulyn

Git Users Need to Update Software to Prevent Frequent Remote Code Execution Attacks from Occurring

The maintainers of the Git source code version control system have recently shared essential updates for all users. The updates fix vulnerabilities that cybercriminals could use in an attack to achieve remote code execution.


The crucial flaws are tracked as CVE-2022-23521 and CVE-2022-41903, which affect the following versions of Git: v2.30.6, v2.31.5, v2.32.4, v2.33.5, v2.34.5, v2.35.5, v2.36.3, v2.37.4, v2.38.2, and v2.39.0.


The patched versions include the following: v2.30.7, v2.31.6, v2.32.5, v2.33.6, v2.34.6, v2.35.6, v2.36.4, v2.37.5, v2.38.3, and v2.39.1. These bugs were caught thanks to the keen eyes of X41 D-Sec security and Markus Vervier, Eric Sesterhenn, and GitLab's Joern Schneeweisz.

"The most severe issue discovered allows an attacker to trigger a heap-based memory corruption during clone or pull operations, which might result in code execution," the German cybersecurity company X41 D-Sec said of CVE-2022-23521.
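To check an installed Git against the patched releases listed above, the following added example (not code from the Git project or the researchers) classifies a `git --version` string. The function name and result labels are made up for this sketch, and it goes beyond the listed versions by treating anything below the patched release of its line as unpatched.

```shell
#!/bin/sh
# Patched release for each maintenance line, copied from the list in the article.
PATCHED="2.30.7 2.31.6 2.32.5 2.33.6 2.34.6 2.35.6 2.36.4 2.37.5 2.38.3 2.39.1"

# classify_git_version STRING   (hypothetical helper name)
# STRING is raw "git --version" output, e.g. "git version 2.39.0.windows.1".
# Prints: patched | unpatched | newer | unlisted | unparsed
classify_git_version() {
    # Pull out the first MAJOR.MINOR.PATCH triple; vendor suffixes are ignored.
    ver=$(printf '%s\n' "$1" | head -n 1 |
        sed -n 's/^[^0-9]*\([0-9]\{1,\}\)\.\([0-9]\{1,\}\)\.\([0-9]\{1,\}\).*/\1 \2 \3/p')
    if [ -z "$ver" ]; then echo unparsed; return 0; fi
    set -- $ver
    major=$1; minor=$2; patch=$3

    # Lines after 2.39 are not in the article's list; report them separately.
    if [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -gt 39 ]; }; then
        echo newer; return 0
    fi

    # Find the patched release of the same MAJOR.MINOR line and compare patch levels.
    for fixed in $PATCHED; do
        case $fixed in
            "$major.$minor".*)
                if [ "$patch" -ge "${fixed##*.}" ]; then
                    echo patched
                else
                    echo unpatched
                fi
                return 0 ;;
        esac
    done

    # Older than 2.30: the article lists no patched release for this line.
    echo unlisted
}

# Classify the local installation when git is on PATH.
if command -v git >/dev/null 2>&1; then
    echo "local git: $(classify_git_version "$(git --version)")"
fi
```

Distribution packages that backport fixes can keep an older upstream version number, so an `unpatched` or `unlisted` result on such a system should be confirmed against the package changelog.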


Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the tech world.

