Main Vulnerability Database Exploits ID:8689 - Exploit for Input validation error in Git - CVE-2022-39253

ID:8689 - Exploit for Input validation error in Git - CVE-2022-39253

Published: December 22, 2022

Vulnerability identifier: #VU68517

Vulnerability risk: Low

CVE-ID: CVE-2022-39253

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Git

Link to public exploit:

https://github.com/ssst0n3/docker-cve-2022-39253-poc

Vulnerability description

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to the way Git handles hardlinks when performing a local clone. A remote attacker can trick the victim into clocking a malicious repository and create or copy hardlinks to critical files on the system, which can result in sensitive information exposure.

Remediation

Install updates from vendor's website.

ID:8689 - Exploit for Input validation error in Git - CVE-2022-39253

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human