Vulnerability Database
Blog
FAQ
Docs
RHSA-2024:0407
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2024:0407
Import Source
https://security.access.redhat.com/data/osv/RHSA-2024:0407.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2024:0407
Related
CVE-2022-24765
CVE-2022-29187
CVE-2022-39253
CVE-2022-39260
CVE-2023-22490
CVE-2023-23946
Published
2024-09-16T11:47:06Z
Modified
2024-11-06T04:48:42Z
Severity
8.8 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: git security update
Details
References
https://access.redhat.com/errata/RHSA-2024:0407
https://access.redhat.com/security/updates/classification/#moderate
https://bugzilla.redhat.com/show_bug.cgi?id=2073414
https://bugzilla.redhat.com/show_bug.cgi?id=2107439
https://bugzilla.redhat.com/show_bug.cgi?id=2137422
https://bugzilla.redhat.com/show_bug.cgi?id=2137423
https://bugzilla.redhat.com/show_bug.cgi?id=2168160
https://bugzilla.redhat.com/show_bug.cgi?id=2168161
https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0407.json
https://access.redhat.com/security/cve/CVE-2022-24765
https://www.cve.org/CVERecord?id=CVE-2022-24765
https://nvd.nist.gov/vuln/detail/CVE-2022-24765
https://github.com/git-for-windows/git/security/advisories/GHSA-vw2c-22j4-2fh2
https://access.redhat.com/security/cve/CVE-2022-29187
https://www.cve.org/CVERecord?id=CVE-2022-29187
https://nvd.nist.gov/vuln/detail/CVE-2022-29187
https://access.redhat.com/security/cve/CVE-2022-39253
https://www.cve.org/CVERecord?id=CVE-2022-39253
https://nvd.nist.gov/vuln/detail/CVE-2022-39253
https://access.redhat.com/security/cve/CVE-2022-39260
https://www.cve.org/CVERecord?id=CVE-2022-39260
https://nvd.nist.gov/vuln/detail/CVE-2022-39260
https://access.redhat.com/security/cve/CVE-2023-22490
https://www.cve.org/CVERecord?id=CVE-2023-22490
https://nvd.nist.gov/vuln/detail/CVE-2023-22490
https://github.blog/2023-02-14-git-security-vulnerabilities-announced-3/
https://github.com/git/git/security/advisories/GHSA-gw92-x3fm-3g3q
https://access.redhat.com/security/cve/CVE-2023-23946
https://www.cve.org/CVERecord?id=CVE-2023-23946
https://nvd.nist.gov/vuln/detail/CVE-2023-23946
https://github.com/git/git/security/advisories/GHSA-r87m-v37r-cwfh
Affected packages
Red Hat:rhel_eus:8.6::appstream
/
git
Package
Name
git
Purl
pkg:rpm/redhat/git
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-all
Package
Name
git-all
Purl
pkg:rpm/redhat/git-all
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-core
Package
Name
git-core
Purl
pkg:rpm/redhat/git-core
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-core-debuginfo
Package
Name
git-core-debuginfo
Purl
pkg:rpm/redhat/git-core-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-core-doc
Package
Name
git-core-doc
Purl
pkg:rpm/redhat/git-core-doc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-credential-libsecret
Package
Name
git-credential-libsecret
Purl
pkg:rpm/redhat/git-credential-libsecret
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-credential-libsecret-debuginfo
Package
Name
git-credential-libsecret-debuginfo
Purl
pkg:rpm/redhat/git-credential-libsecret-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-daemon
Package
Name
git-daemon
Purl
pkg:rpm/redhat/git-daemon
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-daemon-debuginfo
Package
Name
git-daemon-debuginfo
Purl
pkg:rpm/redhat/git-daemon-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-debuginfo
Package
Name
git-debuginfo
Purl
pkg:rpm/redhat/git-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-debugsource
Package
Name
git-debugsource
Purl
pkg:rpm/redhat/git-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-email
Package
Name
git-email
Purl
pkg:rpm/redhat/git-email
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-gui
Package
Name
git-gui
Purl
pkg:rpm/redhat/git-gui
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-instaweb
Package
Name
git-instaweb
Purl
pkg:rpm/redhat/git-instaweb
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-subtree
Package
Name
git-subtree
Purl
pkg:rpm/redhat/git-subtree
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
git-svn
Package
Name
git-svn
Purl
pkg:rpm/redhat/git-svn
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
gitk
Package
Name
gitk
Purl
pkg:rpm/redhat/gitk
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
gitweb
Package
Name
gitweb
Purl
pkg:rpm/redhat/gitweb
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
perl-Git
Package
Name
perl-Git
Purl
pkg:rpm/redhat/perl-Git
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
Red Hat:rhel_eus:8.6::appstream
/
perl-Git-SVN
Package
Name
perl-Git-SVN
Purl
pkg:rpm/redhat/perl-Git-SVN
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.31.8-1.el8_6
RHSA-2024:0407 - OSV