CVE-2022-20001: 
NixOS vulnerability analysis and mitigation

CVE-2022-20001 affects the fish shell (versions 3.1.0 through 3.3.1), a command-line shell for macOS, Linux, and other Unix-like systems. The vulnerability was discovered and disclosed in March 2022, where the default configuration of fish could lead to arbitrary code execution when changing into directories containing malicious git repositories (GitHub Advisory).

The vulnerability exists in fish's default prompt configuration which automatically runs git commands to display repository information. When a user changes into a directory containing a git repository, the fish_git_prompt function executes git commands without properly restricting repository-specific configurations. These configurations can include arbitrary command execution directives that would be automatically triggered (GitHub Advisory).

If successfully exploited, an attacker could execute arbitrary commands on the target system if they can convince a user to change into a directory containing a maliciously crafted git repository. This could occur through shared filesystems or by extracting compromised archives. The vulnerability does not affect repositories created through git clone (GitHub Advisory, Gentoo Security).

The vulnerability was fixed in fish version 3.4.0. Users should upgrade to this version or later. If upgrading is not immediately possible, users can remove the fish_git_prompt function from their prompt as a temporary workaround (GitHub Advisory, Debian Security).