VDB

GCVE-110-MAGEIA-2023-1

GCVE-110-MAGEIA-2023-1
Advisory Published
Vulnetix · Advisory published January 13, 2023
Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. This is only relevant when enabling the ext transport protocol (CVE-2022-24439)

Affected Products

VendorProductVersionsPlatforms
Mageianx0 (affected), 3.5.99.26-1.1.mga8 (unaffected)
Mageiapython-gitpython0 (affected), 3.1.30-1.mga8 (unaffected), 3.1.30-1.mga8 (unaffected), 0 (affected)
Mageiax2goserver0 (affected), 4.1.0.3-1.1.mga8 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›