The official website SK

The gov.sk domain is official

This is the official website of the public authority of the Slovak Republic. Official websites mainly use the gov.sk domain. Links to individual websites of public authorities can be found at this link.

This page is secured

Be careful and always make sure that you share information only through the secure website of the Slovak public administration. A secure page always starts with https:// before the domain name of the website.

Warning of Critical Vulnerabilities in Git System

The National Cyber Security Centre SK-CERT warns of critical vulnerabilities in Git system that could be exploited by attackers for remote code execution.

Git is a distributed revision control tool. Git is a popular open-source tool used worldwide.

Critical vulnerabilities are tracked as CVE-2022-23521 and CVE-2022-41903. The vulnerabilities allow an unauthenticated attacker to execute code remotely. Both vulnerabilities have been assigned a CVSS score of 9.8.

The following versions of Git system are affected:

  • 30.6
  • 31.5
  • 32.4
  • 33.5
  • 34.5
  • 35.5
  • 36.3
  • 37.4
  • 38.2
  • 39.0.

Regarding the mentioned vulnerabilities, the National Cyber Security Centre SK-CERT recommends the following to all operators of vulnerable systems:

  • check and update Git to the latest versions where these vulnerabilities are already patched,
  • check and update all systems that use Git (e.g. GitLab, which has also released a patch),
  • in the event of a cybersecurity incident detection, report the incident to the National Cyber Security Centre SK-CERT at [email protected].

Sources

 


« Späť na zoznam