← Back

CVE-2019-1348

nvd nist
Published: Jan 24, 2020Modified: Nov 21, 2024

JSON object

Loading...
3.3
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Exploitability: 1.8 / Impact: 1.4
Source: NVD

Description

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=... and it allows overwriting arbitrary paths.

Affected (12)

Products: Git Scm: Git · Opensuse: Leap
Git Scm
1 product
Git
Opensuse
1 product
Leap
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Git Scm
Git
From 2.14.0 to 2.14.6
Git
From 2.15.0 to 2.15.4
Git
From 2.16.0 to 2.16.6
Git
From 2.17.0 to 2.17.3
Git
From 2.18.0 to 2.18.2
Git
From 2.19.0 to 2.19.3
Git
From 2.20.0 to 2.20.2
Git
From 2.21.0 to 2.21.1
Git
From 2.22.0 to 2.22.2
Git
From 2.23.0 to 2.23.1
Git
From 2.24.0 to 2.24.1
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Leap
Version 15.1

References (16)

Source: secure@microsoft.com
Third Party Advisory
Source: secure@microsoft.com
Source: secure@microsoft.com
Third Party Advisory
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: secure@microsoft.com
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.