VDB
CVE-2022-41903
CVE-2022-41903
PUBLISHED
CVSS 8.800000190734863 HIGH
Vulnerability in Git that involves a heap overflow in the git archive and git log --format commands. This flaw can potentially lead to remote code execution (RCE) if exploited by authenticated attacker.
EPSS 17.80% · 95.3th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:W/RC:C
EPSS Score
17.80%
95.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ABB | ABB M2M Gateway ARM600, firmware versions >=4.1.2|<=5.0.3 | |
| ABB | ABB M2M Gateway SW, software versions >=5.0.1|<=5.0.3 |
Exploit Intelligence
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
- vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was also patched to address an additional, Windows-specific issue known as CVE-2022-41953. (github-poc)
Timeline
- Jan 17, 2023 CVE Published
- Jan 18, 2023 EPSS Score
- Feb 28, 2023 EPSS Score
- Apr 9, 2023 EPSS Score
- Jun 29, 2023 EPSS Score
- Aug 9, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
- Jan 19, 2024 EPSS Score
- Apr 9, 2024 EPSS Score
- Jun 29, 2024 EPSS Score
- Sep 18, 2024 EPSS Score
- Dec 10, 2024 EPSS Score
References
- https://psirt.abb.com/csaf/2025/2nga002579.json advisory
- https://library.e.abb.com/public/ffab1a14a42646c6adee38fc3de61dad/Arctic_csdepl_758860_ENf.pdf advisory
- https://library.e.abb.com/public/0498e4c0babd46aa9243aedd6f99c375/ARM600_user_758861_ENk.pdf advisory
- https://new.abb.com/service/electrification/life-cycle-management?pe_data=D42415F457244415145784545584371%7C29609824 advisory
- https://search.abb.com/library/Download.aspx?DocumentID=2NGA002579&LanguageCode=en&DocumentPartId=pdf&Action=Launch advisory
- https://search.abb.com/library/Download.aspx?DocumentID=1MRS758860&LanguageCode=en&DocumentPartId=&Action=Launch advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-41903 advisory