Dgl

**Name of the Vulnerable Software and Affected Versions** GitProxy versions 1.19.1 and below **Description** GitProxy is an application that acts as an intermediary between developers and Git remote endpoints. Versions 1.19.1 and below permit users to bypass policies and explicit approvals when pushing to remote repositories. Specifically, checks and plugins are skipped, potentially allowing the introduction of secrets or unwanted changes into a repository. **Recommendations** Update to version 1.19.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitProxy versions 1.19.1 and below **Description** GitProxy is an application that acts as an intermediary between developers and a Git remote endpoint. A crafted malicious Git packfile can exploit the PACK signature detection in the `parsePush.ts` file. Embedding a misleading PACK signature within commit content and carefully constructing the packet structure can trick the parser into treating invalid data as the packfile, potentially allowing bypassing approval or hiding commits. **Recommendations** Update to version 1.19.2 or later.

Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.43.7 Git versions prior to 2.44.4 Git versions prior to 2.45.4 Git versions prior to 2.46.4 Git versions prior to 2.47.3 Git versions prior to 2.48.2 Git versions prior to 2.49.1 Git versions prior to 2.50.1 Description: The wincred credential helper in Git does not properly bounds check the available space remaining in a static buffer before appending to it with wcsncat(), leading to potential buffer overflows. Recommendations: For versions prior to 2.43.7, update to version 2.43.7 or later. For versions prior to 2.44.4, update to version 2.44.4 or later. For versions prior to 2.45.4, update to version 2.45.4 or later. For versions prior to 2.46.4, update to version 2.46.4 or later. For versions prior to 2.47.3, update to version 2.47.3 or later. For versions prior to 2.48.2, update to version 2.48.2 or later. For versions prior to 2.49.1, update to version 2.49.1 or later. For versions prior to 2.50.1, update to version 2.50.1 or later.

Name of the Vulnerable Software and Affected Versions: Git versions prior to 2.43.7 Git versions prior to 2.44.4 Git versions prior to 2.45.4 Git versions prior to 2.46.4 Git versions prior to 2.47.3 Git versions prior to 2.48.2 Git versions prior to 2.49.1 Git versions prior to 2.50.1 Description: The issue arises from the Git client's insufficient validation of advertised bundles when cloning a repository, allowing the remote server to perform protocol injection. This can cause the client to write fetched content to a location controlled by the adversary, potentially leading to arbitrary code execution. The vulnerability can be exploited when the `bundle.heuristic` config option is enabled, and in some cases, it requires the adversary to control where a repository will be cloned to, which can be achieved through social engineering or recursive clones with submodules. Recommendations: For Git versions prior to 2.43.7, update to version 2.43.7 or later. For Git versions prior to 2.44.4, update to version 2.44.4 or later. For Git versions prior to 2.45.4, update to version 2.45.4 or later. For Git versions prior to 2.46.4, update to version 2.46.4 or later. For Git versions prior to 2.47.3, update to version 2.47.3 or later. For Git versions prior to 2.48.2, update to version 2.48.2 or later. For Git versions prior to 2.49.1, update to version 2.49.1 or later. For Git versions prior to 2.50.1, update to version 2.50.1 or later. As a temporary workaround, consider disabling the `bundle.heuristic` config option to prevent the use of bundle URIs. Restrict access to recursive clones to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Git versions 2.43.7 through 2.50.1 **Description** Git contains a link following vulnerability stemming from inconsistent handling of carriage return characters in configuration files. This flaw allows attackers to execute arbitrary code via malicious repositories, specifically through crafted submodules. The vulnerability enables arbitrary file writes and remote code execution (RCE) on Unix-like systems. Exploitation is actively occurring, and a proof-of-concept (PoC) is available. The vulnerability affects Git CLI versions 2.50.0 and earlier on macOS and Linux. The issue arises because Git strips carriage return characters when reading config values but does not quote them when writing, leading to altered paths during submodule initialization and potential execution of malicious hooks. **Recommendations** Update Git to version 2.50.1 or later.

Name of the Vulnerable Software and Affected Versions: Ghostty version 1.0.0 Description: Ghostty is a cross-platform terminal emulator that allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal. This could allow the attacker to execute arbitrary commands when the user views a file containing the malicious sequence and physically presses the "enter" key. Recommendations: For Ghostty version 1.0.0, update to Ghostty v1.0.1 to resolve the issue. As a temporary workaround, consider avoiding the use of files that may contain malicious escape sequences until the update is applied. Restrict user interaction with potentially malicious input to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** OpenBSD versions 7.3 before errata 014 **Description** The issue is related to a missing argument-count bounds check in console terminal emulation, which could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences. **Recommendations** For OpenBSD version 7.3 before errata 014, apply errata 014 to resolve the issue. As a temporary workaround, consider restricting the use of console terminal emulation until the patch is applied.