Vulnerability Details : CVE-2022-42906
powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. Git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs git commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory to one controlled by the attacker, such as in a shared filesystem or an extracted archive, powerline-gitstatus will run arbitrary commands under the attacker's control. NOTE: this is similar to CVE-2022-20001.
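The description above hinges on git reading configuration from inside the repository it is asked about: a checked-out `.git/config` can set keys such as `core.fsmonitor`, whose non-boolean value git executes as a hook whenever `git status` refreshes the index, so any tool that runs git on `cd` runs that command too. The example below is added here as an illustration and is not code from powerline-gitstatus, git or this advisory. It assumes nothing about the project's actual patch: it shows a minimal parser and audit for a repository's own config that flags keys git would execute, and a builder for a read-only git invocation hardened with `git -c core.fsmonitor=`, which takes precedence over every config file. The config text, the key list and the helper names (`parse_git_config`, `audit_repo_config`, `hardened_git_argv`) are the editor's constructions.

```python
"""Added example (not powerline-gitstatus or git code): audit an untrusted
repository's .git/config for command-executing keys and build a hardened
read-only git invocation that neutralizes them."""
import re
from typing import Dict, List, Tuple

# Assumption: an illustrative selection of keys whose values git runs as a
# program, not an exhaustive inventory of git's configuration.
COMMAND_KEYS = {
    "core.fsmonitor": "non-boolean value is run as a hook by 'git status'",
    "core.hookspath": "redirects hook lookup to an attacker-chosen directory",
    "core.sshcommand": "run in place of ssh by fetch/push",
    "diff.external": "run by 'git diff'",
    "diff.*.command": "custom diff driver run by 'git diff'",
    "diff.*.textconv": "text conversion filter run by 'git diff'",
}
# Values git_parse_maybe_bool accepts; for core.fsmonitor these select the
# built-in daemon or disable monitoring rather than naming a hook command.
_BOOLEANS = {"", "true", "false", "yes", "no", "on", "off", "0", "1"}

_SECTION = re.compile(r'^\[\s*([A-Za-z0-9.-]+)(?:\s+"((?:[^"\\]|\\.)*)")?\s*\]$')
_KEY = re.compile(r'^([A-Za-z][A-Za-z0-9-]*)\s*(?:=\s*(.*))?$')


def _strip_comment(s: str) -> str:
    """Drop a trailing '#' or ';' comment unless it sits inside double quotes."""
    out, in_quotes, i = [], False, 0
    while i < len(s):
        ch = s[i]
        if ch == "\\" and i + 1 < len(s):      # keep escape pairs verbatim
            out.append(s[i:i + 2])
            i += 2
            continue
        if ch == '"':
            in_quotes = not in_quotes
        elif ch in "#;" and not in_quotes:
            break
        out.append(ch)
        i += 1
    return "".join(out)


def _unquote(value: str) -> str:
    """Remove one surrounding pair of double quotes and simple backslash escapes."""
    value = value.strip()
    if len(value) >= 2 and value[0] == '"' and value[-1] == '"':
        value = value[1:-1]
    return re.sub(r"\\(.)", r"\1", value)


def parse_git_config(text: str) -> Dict[str, str]:
    """Minimal git-config parser: {'section[.subsection].key': value}.
    Section and key names are lower-cased as git does; a key with no '='
    means 'true'. Deliberately incomplete: no include/includeIf directives,
    no continuation lines, no \\n or \\t escapes."""
    cfg: Dict[str, str] = {}
    section = None
    for raw in text.splitlines():
        line = _strip_comment(raw).strip()
        if not line:
            continue
        m = _SECTION.match(line)
        if m:
            name, sub = m.group(1).lower(), m.group(2)
            section = f"{name}.{sub}" if sub is not None else name
            continue
        m = _KEY.match(line)
        if m and section is not None:
            key, value = m.group(1).lower(), m.group(2)
            cfg[f"{section}.{key}"] = "true" if value is None else _unquote(value)
    return cfg


def audit_repo_config(text: str) -> List[Tuple[str, str, str]]:
    """Return (key, value, why) for every configured key whose value git
    would execute. Subsections are wildcarded, so diff.exif.command is
    matched against diff.*.command."""
    findings = []
    for key, value in parse_git_config(text).items():
        parts = key.split(".")
        pattern = key if len(parts) == 2 else f"{parts[0]}.*.{parts[-1]}"
        why = COMMAND_KEYS.get(pattern)
        if why is None:
            continue
        if pattern == "core.fsmonitor" and value.lower() in _BOOLEANS:
            continue
        findings.append((key, value, why))
    return findings


def hardened_git_argv(repo: str, *git_args: str) -> List[str]:
    """argv for a read-only prompt query. 'git -c key=value' overrides every
    configuration file, so the repository's own .git/config cannot re-enable
    the fsmonitor hook; an empty value disables it. Assumption: this shows the
    mitigation technique, not the project's actual 1.3.2 patch."""
    return ["git", "-C", repo, "-c", "core.fsmonitor=", *git_args]


# Constructed sample: what a .git/config in an untrusted archive might hold.
SAMPLE_CONFIG = """\
# constructed sample data, not a real repository
[core]
\trepositoryformatversion = 0
\tfilemode = true ; trailing comment
\tbare
\tfsmonitor = "sh -c 'echo pwned > /tmp/pwned' ; #not a comment"
[diff "exif"]
\tcommand = /tmp/evil-differ
[remote "origin"]
\turl = https://example.invalid/repo.git
"""

if __name__ == "__main__":
    for key, value, why in audit_repo_config(SAMPLE_CONFIG):
        print(f"{key} = {value!r}: {why}")
    print(" ".join(hardened_git_argv("/untrusted/repo", "status", "--porcelain")))
```

Two caveats a practitioner should keep in mind. First, the `-c` override only covers the keys you name; `git status` is the command a prompt runs, so `core.fsmonitor` is the one that matters there, but a tool that also shells out to `git diff` or `git fetch` must override those keys' command-executing settings as well. Second, git 2.35.2 and later refuse to operate on a repository owned by a different user unless it is listed in `safe.directory`, which helps on the shared-filesystem case in the description but does nothing for an archive the victim extracted themselves, since they own those files.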
Products affected by CVE-2022-42906
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:powerline_gitstatus_project:powerline_gitstatus:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-42906
0.07% - probability of exploitation activity in the next 30 days
~31% - percentile: the proportion of vulnerabilities scored at or below this one
CVSS scores for CVE-2022-42906
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | 
CWE ids for CVE-2022-42906
- The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-42906
- https://github.com/jaspernbrouwer/powerline-gitstatus/issues/45
  Security risk with untrusted repositories · Issue #45 · jaspernbrouwer/powerline-gitstatus · GitHub (Exploit; Issue Tracking; Third Party Advisory)
- https://lists.debian.org/debian-lts-announce/2023/01/msg00017.html
  [SECURITY] [DLA 3277-1] powerline-gitstatus security update (Mailing List; Third Party Advisory)
- https://github.com/jaspernbrouwer/powerline-gitstatus/releases/tag/v1.3.2
  Release v1.3.2: Fix command injection via malicious repository config · jaspernbrouwer/powerline-gitstatus · GitHub (Release Notes)