Changes made to bug 2159672

Back to bug 2159672

Who	When	What	Removed	Added
Red Hat Bugzilla	2023-03-02 08:28:10 UTC	Depends On		2159673, 2159674
		Depends On		2159675
		Summary	CVE-2022-46648, CVE-2022-47318 ruby-git: multiple code injection vulnerabilities	CVE-2022-46648 CVE-2022-47318 ruby-git: multiple code injection vulnerabilities
		Summary	CVE-2022-46648 CVE-2022-47318 ruby-git: multiple code injection vulnerabilities	ruby-git: multiple code injection vulnerabilities
		Summary	ruby-git: multiple code injection vulnerabilities	CVE-2022-46648 CVE-2022-47318 ruby-git: multiple code injection vulnerabilities
		Blocks		2161645
		CC		ahanwate
		Summary	CVE-2022-46648 CVE-2022-47318 ruby-git: multiple code injection vulnerabilities	ruby-git: multiple code injection vulnerabilities
		Summary	ruby-git: multiple code injection vulnerabilities	CVE-2022-47318 ruby-git: multiple code injection vulnerabilities
		Summary	CVE-2022-47318 ruby-git: multiple code injection vulnerabilities	CVE-2022-47318: ruby-git: code injection vulnerability
		Summary	CVE-2022-47318: ruby-git: code injection vulnerability	: ruby-git: code injection vulnerability
		Severity	medium	high
		Priority	medium	high
		CC	myarboro
Red Hat Bugzilla	2023-05-15 20:18:52 UTC	Alias		CVE-2022-47318
		Summary	: ruby-git: code injection vulnerability	CVE-2022-47318 ruby-git: code injection vulnerability
		CC	btotty
Red Hat Bugzilla	2023-07-07 08:35:25 UTC	Assignee	security-response-team	nobody
Paige Jung	2023-07-13 16:04:06 UTC	Doc Text		A flaw was found in the ruby-git package, which allows a remote authenticated attacker to execute arbitrary code on the system
		Doc Text		, caused by a code injection flaw. An attacker can execute arbitrary code on the system by using a specially-crafted filename in the repository.
		Doc Text	A flaw was found in the ruby-git package, which allows a remote authenticated attacker to execute arbitrary code on the system, caused by a code injection flaw. An attacker can execute arbitrary code on the system by using a specially-crafted filename in the repository.	A code injection flaw was found in the ruby-git package. This issue may allow a remote authenticated attacker to execute arbitrary code on the system by using a specially-crafted filename in the repository.

Back to bug 2159672