The following security vulnerabilities were found in our latest Gemini Central, version 3.1, based on the recent scan run on March 8th, 2023. Related fixes are scheduled to be available in our next release.



  • CentOS 7 : git (CESA-2023:0978) - Critical

-    git: gitattributes parsing integer overflow (CVE-2022-23521)

-    git: Heap overflow in `git archive`, `git log --format` leading to RCE (CVE-2022-41903)

-    https://www.tenable.com/plugins/nessus/172034


  • SSL Certificate Cannot Be Trusted - Medium

-    The server’s X.509 certificate cannot be trusted. Situations can occur in which the chain of trust can be broken. More information is available at the link below.

-    https://www.tenable.com/plugins/nessus/51192


  • SSL Self-Signed Certificate - Medium

-    The X.509 certificate chain for this service is not signed by a recognized certificate authority. If the remote host is a public host in production, this nullifies the use of SSL as anyone could establish a man-in-the-middle attack against the remote host.

-    https://www.tenable.com/plugins/nessus/57582



Please reach out to our Support at [email protected] if you have any questions or concerns regarding this advisory.

