{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-52005", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2024-11-04T17:46:16.779Z", "datePublished": "2025-01-15T17:35:02.379Z", "dateUpdated": "2025-01-15T20:10:36.473Z"}, "containers": {"cna": {"title": "The sideband payload is passed unfiltered to the terminal in git", "problemTypes": [{"descriptions": [{"cweId": "CWE-116", "lang": "en", "description": "CWE-116: Improper Encoding or Escaping of Output", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-150", "lang": "en", "description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329"}, {"name": "https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net", "tags": ["x_refsource_MISC"], "url": "https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net"}], "affected": [{"vendor": "git", "product": "git", "versions": [{"version": ">= 2.48.0, <= 2.48.1", "status": "affected"}, {"version": ">= 2.47.0, <= 2.47.1", "status": "affected"}, {"version": ">= 2.46.0, <= 2.46.3", "status": "affected"}, {"version": ">= 2.45.0, <= 2.45.3", "status": "affected"}, {"version": ">= 2.44.0, <= 2.44.3", "status": "affected"}, {"version": ">= 2.43.0, <= 2.43.6", "status": "affected"}, {"version": ">= 2.42.0, <= 2.42.4", "status": "affected"}, {"version": ">= 2.41.0, <= 2.41.3", "status": "affected"}, {"version": "<= 2.40.4", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-15T17:35:02.379Z"}, "descriptions": [{"lang": "en", "value": "Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called \"sideband channel\". These messages will be prefixed with \"remote:\" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources."}], "source": {"advisory": "GHSA-7jjc-gg6m-3329", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-01-15T20:10:33.107830Z", "id": "CVE-2024-52005", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T20:10:36.473Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-52005", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-15T20:10:33.107830Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-15T20:07:51.559Z"}}], "cna": {"title": "The sideband payload is passed unfiltered to the terminal in git", "source": {"advisory": "GHSA-7jjc-gg6m-3329", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "git", "product": "git", "versions": [{"status": "affected", "version": ">= 2.48.0, <= 2.48.1"}, {"status": "affected", "version": ">= 2.47.0, <= 2.47.1"}, {"status": "affected", "version": ">= 2.46.0, <= 2.46.3"}, {"status": "affected", "version": ">= 2.45.0, <= 2.45.3"}, {"status": "affected", "version": ">= 2.44.0, <= 2.44.3"}, {"status": "affected", "version": ">= 2.43.0, <= 2.43.6"}, {"status": "affected", "version": ">= 2.42.0, <= 2.42.4"}, {"status": "affected", "version": ">= 2.41.0, <= 2.41.3"}, {"status": "affected", "version": "<= 2.40.4"}]}], "references": [{"url": "https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329", "name": "https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net", "name": "https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called \"sideband channel\". These messages will be prefixed with \"remote:\" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-116", "description": "CWE-116: Improper Encoding or Escaping of Output"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-150", "description": "CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-01-15T17:35:02.379Z"}}}, "cveMetadata": {"cveId": "CVE-2024-52005", "state": "PUBLISHED", "dateUpdated": "2025-01-15T20:10:36.473Z", "dateReserved": "2024-11-04T17:46:16.779Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-01-15T17:35:02.379Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called \"sideband channel\". These messages will be prefixed with \"remote:\" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources."}], "id": "CVE-2024-52005", "lastModified": "2025-01-15T18:15:24.130", "metrics": {"cvssMetricV40": [{"cvssData": {"attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "automatable": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityRequirements": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "recovery": "NOT_DEFINED", "safety": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "subsequentSystemIntegrity": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnerabilityResponseEffort": "NOT_DEFINED", "vulnerableSystemAvailability": "HIGH", "vulnerableSystemConfidentiality": "HIGH", "vulnerableSystemIntegrity": "HIGH"}, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-01-15T18:15:24.130", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329"}, {"source": "security-advisories@github.com", "url": "https://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}, {"lang": "en", "value": "CWE-150"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2025:7482", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "git-0:2.47.1-2.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:8414", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "git-0:2.43.5-3.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-06-03T00:00:00Z"}, {"advisory": "RHSA-2025:7409", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "git-0:2.47.1-2.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:7641", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "git-0:2.39.5-1.el9_2.1", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-05-15T00:00:00Z"}, {"advisory": "RHSA-2025:7640", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "git-0:2.43.5-1.el9_4.1", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-05-15T00:00:00Z"}, {"advisory": "RHSA-2025:8385", "cpe": "cpe:/a:redhat:discovery:1.14::el9", "package": "registry.redhat.io/discovery/discovery-server-rhel9:sha256:f33991d766b618a128fb99fbe4f9b61c5004f7c6aa73b2b38e28d59e56c64d63", "product_name": "Red Hat Discovery 1.14", "release_date": "2025-06-02T00:00:00Z"}], "bugzilla": {"description": "git: The sideband payload is passed unfiltered to the terminal in git", "id": "2338289", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338289"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "(CWE-116|CWE-150)", "details": ["Git is a source code management tool. When cloning from a server (or fetching, or pushing), informational or error messages are transported from the remote Git process to the client via the so-called \"sideband channel\". These messages will be prefixed with \"remote:\" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information, or to mislead the user into executing untrusted scripts. As requested on the git-security mailing list, the patches are under discussion on the public mailing list. Users are advised to update as soon as possible. Users unable to upgrade should avoid recursive clones unless they are from trusted sources.", "A flaw was found in Git. When cloning, fetching, or pushing from a server, informational or error messages are transported from the remote Git process to the client via a sideband channel. These messages are prefixed with \"remote:\" and printed directly to the standard error output. Typically, this standard error output is connected to a terminal that understands ANSI escape sequences, which Git did not protect against. Most modern terminals support control sequences that can be used by a malicious actor to hide and misrepresent information or to mislead the user into executing untrusted scripts."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-52005", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "git", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "git", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Out of support scope", "package_name": "io.syndesis-syndesis-parent", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2025-01-15T17:35:02Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-52005\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-52005\nhttps://github.com/git/git/security/advisories/GHSA-7jjc-gg6m-3329\nhttps://lore.kernel.org/git/1M9FnZ-1taoNo1wwh-00ESSd@mail.gmx.net"], "statement": "This vulnerability is classified as moderate rather than important because it primarily affects informational messages rather than directly compromising repository integrity or executing arbitrary code. The issue arises from Git's failure to sanitize ANSI escape sequences in messages received over the sideband channel, which could allow a malicious remote repository to manipulate terminal output. However, exploitation requires user interaction, such as manually copying and executing misleading commands. Unlike higher-severity vulnerabilities, this does not provide direct unauthorized access, remote code execution, or privilege escalation, limiting its overall impact. The risk is further mitigated by best practices, such as avoiding recursive clones from untrusted sources.\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a (CWE-116: Improper Encoding or Escaping of Output | CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nStatic code analysis and peer reviews help ensure input validation and output encoding are properly implemented, reducing the risk of system instability, data exposure, and security issues. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention, which ensures that unexpected or malicious output behavior is detectable post-deployment. In the event of successful exploitation, process isolation contains the impact to the affected workload through containerization, pod-level security policies, and network segmentation.", "threat_severity": "Moderate"}