FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

git -- "git apply" overwriting paths outside the working tree

Affected packages
git < 2.39.2


VuXML ID 21f12de8-b1db-11ed-b0f4-002590f2a714
Discovery 2023-02-14
Entry 2023-02-21

git team reports:

By feeding a crafted input to "git apply", a path outside the working tree can be overwritten as the user who is running "git apply".


CVE Name CVE-2023-23946