{"vulnerability": "CVE-2022-20001", "sightings": [{"uuid": "372799cc-2384-4b5d-b677-220197e564e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20001", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16527", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42906\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: powerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs git commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory to one controlled by the attacker, such as in a shared filesystem or extracted archive, powerline-gitstatus will run arbitrary commands under the attacker's control. NOTE: this is similar to CVE-2022-20001.\n\ud83d\udccf Published: 2022-10-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-15T16:14:22.051Z\n\ud83d\udd17 References:\n1. https://github.com/jaspernbrouwer/powerline-gitstatus/issues/45\n2. https://github.com/jaspernbrouwer/powerline-gitstatus/releases/tag/v1.3.2\n3. https://lists.debian.org/debian-lts-announce/2023/01/msg00017.html", "creation_timestamp": "2025-05-15T16:35:21.000000Z"}, {"uuid": "05aa120f-a3f5-4376-bd02-e089b2178fd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20001", "type": "seen", "source": "https://t.me/cibsecurity/51304", "content": "\u203c CVE-2022-42906 \u203c\n\npowerline-gitstatus (aka Powerline Gitstatus) before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs git commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory to one controlled by the attacker, such as in a shared filesystem or extracted archive, powerline-gitstatus will run arbitrary commands under the attacker's control. NOTE: this is similar to CVE-2022-20001.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-13T07:27:25.000000Z"}, {"uuid": "5ee703c4-0d10-4f03-943c-45b3e458efcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20001", "type": "seen", "source": "https://t.me/cibsecurity/38904", "content": "\u203c CVE-2022-20001 \u203c\n\nfish is a command line shell. fish version 3.1.0 through version 3.3.1 is vulnerable to arbitrary code execution. git repositories can contain per-repository configuration that change the behavior of git, including running arbitrary commands. When using the default configuration of fish, changing to a directory automatically runs `git` commands in order to display information about the current repository in the prompt. If an attacker can convince a user to change their current directory into one controlled by the attacker, such as on a shared file system or extracted archive, fish will run arbitrary commands under the attacker's control. This problem has been fixed in fish 3.4.0. Note that running git in these directories, including using the git tab completion, remains a potential trigger for this issue. As a workaround, remove the `fish_git_prompt` function from the prompt.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-14T21:18:25.000000Z"}]}