{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-53158", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-07-28T17:24:12.615Z", "dateReserved": "2025-07-28T00:00:00.000Z", "datePublished": "2025-07-28T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "gix-transport", "vendor": "GitoxideLabs", "versions": [{"lessThan": "0.36.1", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "The gix-transport crate before 0.36.1 for Rust allows command execution via the \"gix clone 'ssh://-oProxyCommand=open$IFS\" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-07-28T00:37:08.146Z"}, "references": [{"url": "https://rustsec.org/advisories/RUSTSEC-2023-0064.html"}, {"url": "https://github.com/GitoxideLabs/gitoxide/pull/1032"}, {"url": "https://github.com/advisories/GHSA-rrjw-j4m2-mf34"}, {"url": "https://crates.io/crates/gix-transport"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-28T17:23:53.586851Z", "id": "CVE-2023-53158", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-28T17:24:12.615Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-53158", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-28T17:23:53.586851Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-28T17:24:08.784Z"}}], "cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 4.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "GitoxideLabs", "product": "gix-transport", "versions": [{"status": "affected", "version": "0", "lessThan": "0.36.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://rustsec.org/advisories/RUSTSEC-2023-0064.html"}, {"url": "https://github.com/GitoxideLabs/gitoxide/pull/1032"}, {"url": "https://github.com/advisories/GHSA-rrjw-j4m2-mf34"}, {"url": "https://crates.io/crates/gix-transport"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "The gix-transport crate before 0.36.1 for Rust allows command execution via the \"gix clone 'ssh://-oProxyCommand=open$IFS\" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-07-28T00:37:08.146Z"}}}, "cveMetadata": {"cveId": "CVE-2023-53158", "state": "PUBLISHED", "dateUpdated": "2025-07-28T17:24:12.615Z", "dateReserved": "2025-07-28T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-07-28T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The gix-transport crate before 0.36.1 for Rust allows command execution via the \"gix clone 'ssh://-oProxyCommand=open$IFS\" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability (involving a username field) that is more difficult to exploit."}, {"lang": "es", "value": "El paquete gix-transport para Rust, anterior a la versi\u00f3n 0.36.1, permite la ejecuci\u00f3n de comandos mediante la subcadena \"gix clone 'ssh://-oProxyCommand=open$IFS\". NOTA: Esto se descubri\u00f3 antes de CVE-2024-32884, una vulnerabilidad similar (que afecta a un campo de nombre de usuario) y que es m\u00e1s dif\u00edcil de explotar."}], "id": "CVE-2023-53158", "lastModified": "2025-07-29T14:14:29.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 2.7, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2025-07-28T01:15:24.837", "references": [{"source": "cve@mitre.org", "url": "https://crates.io/crates/gix-transport"}, {"source": "cve@mitre.org", "url": "https://github.com/GitoxideLabs/gitoxide/pull/1032"}, {"source": "cve@mitre.org", "url": "https://github.com/advisories/GHSA-rrjw-j4m2-mf34"}, {"source": "cve@mitre.org", "url": "https://rustsec.org/advisories/RUSTSEC-2023-0064.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "cve@mitre.org", "type": "Primary"}]}

{"bugzilla": {"description": "gix-transport: gix Command Execution Vulnerability", "id": "2383799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383799"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "draft"}, "cwe": "CWE-78", "details": ["A flaw was found in gix-transport. The handling of clone URLs by the crate allows an attacker to execute arbitrary commands by injecting a malicious substring into the URL, specifically through the `ssh` protocol and `ProxyCommand` option. This vulnerability allows a local attacker to trigger command execution by providing a crafted URL containing the \"gix clone 'ssh://-oProxyCommand=open$IFS\" sequence, resulting in the execution of commands as the user running the `gix` process."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2023-53158", "package_state": [{"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Fix deferred", "package_name": "openshift-logging/cluster-logging-operator-bundle", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Fix deferred", "package_name": "openshift-logging/cluster-logging-rhel9-operator", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Fix deferred", "package_name": "openshift-logging/eventrouter-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Fix deferred", "package_name": "openshift-logging/log-file-metric-exporter-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Fix deferred", "package_name": "openshift-logging/vector-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Not affected", "package_name": "openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Not affected", "package_name": "openshift-service-mesh/istio-cni-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Not affected", "package_name": "openshift-service-mesh/istio-must-gather-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Not affected", "package_name": "openshift-service-mesh/istio-pilot-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Not affected", "package_name": "openshift-service-mesh/istio-proxyv2-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Not affected", "package_name": "openshift-service-mesh/istio-rhel9-operator", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Not affected", "package_name": "openshift-service-mesh/istio-sail-operator-bundle", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rust", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "rust-toolset:rhel8/rust", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rust", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-07-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53158\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53158\nhttps://crates.io/crates/gix-transport\nhttps://github.com/GitoxideLabs/gitoxide/pull/1032\nhttps://github.com/advisories/GHSA-rrjw-j4m2-mf34\nhttps://rustsec.org/advisories/RUSTSEC-2023-0064.html"], "threat_severity": "Moderate"}