Lucene search
GoogleOSV:CVE-2019-1348HistoryJan 24, 2020 - 10:15 p.m.
CVE-2019-1348
2020-01-2422:15:19
Google
osv.dev
4
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The --export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=… and it allows overwriting arbitrary paths.
| CPE | Name | Operator | Version |
|---|---|---|---|
| git | eq | 1.8.3.2-r0 | |
| git | eq | 2.14.1-r1 | |
| git | eq | 1.6.4.msysgit.0 | |
| git | eq | 2.17.1-r0 | |
| git | eq | 2.13.0-r0 | |
| git | eq | 1.6.1.3-r1 | |
| git | eq | 2.22.0-r4 | |
| git | eq | 1.7.10.3-r0 | |
| git | eq | 2.10.2-r0 | |
| git | eq | 1.8.2.2-r0 |
References
lists.opensuse.org/opensuse-security-announce/2020-01/msg00056.html
lists.opensuse.org/opensuse-security-announce/2020-05/msg00003.html
access.redhat.com/errata/RHSA-2020:0228
lore.kernel.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/T/#u
public-inbox.org/git/xmqqr21cqcn9.fsf%40gitster-ct.c.googlers.com/
security.gentoo.org/glsa/202003-30
security.gentoo.org/glsa/202003-42
support.apple.com/kb/HT210729
Related
ubuntucve
ubuntucve
CVE-2019-1348
2019-12-10 00:00:00
veracode
veracode
Arbitrary Path Overwriting
2019-12-20 00:15:19
alpinelinux
alpinelinux
CVE-2019-1348
2020-01-24 22:15:19
nvd
nvd
CVE-2019-1348
2020-01-24 22:15:19
prion
prion
Command injection
2020-01-24 22:15:00
debiancve
debiancve
CVE-2019-1348
2020-01-24 22:15:19
cvelist
cvelist
CVE-2019-1348
2020-01-24 21:14:21
redhatcve
redhatcve
CVE-2019-1348
2019-12-11 00:21:07
cve
cve
CVE-2019-1348
2020-01-24 22:15:19
apple
apple
About the security content of Xcode 11.2
2019-10-31 00:00:00
About the security content of Xcode 11.2 - Apple Support
2020-02-03 09:54:35
mageia
mageia
Updated libgit2 packages fix security vulnerabilities
2019-12-15 21:03:05
Updated git packages fix security vulnerabilities
2019-12-15 21:03:05
nessus
nessus
GLSA-202003-42 : libgit2: Multiple vulnerabilities
2020-03-20 00:00:00
CentOS 8 : git (CESA-2019:4356)
2021-01-29 00:00:00
RHEL 8 : git (RHSA-2019:4356)
2019-12-20 00:00:00
gentoo
gentoo
libgit2: Multiple vulnerabilities
2020-03-19 00:00:00
Git: Multiple vulnerabilities
2020-03-15 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2019-0391)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2019-0393)
2022-01-28 00:00:00
Debian: Security Advisory (DLA-2059-1)
2020-01-24 00:00:00
archlinux
archlinux
[ASA-201912-5] libgit2: arbitrary code execution
2019-12-18 00:00:00
[ASA-201912-6] git: arbitrary code execution
2019-12-18 00:00:00
redhat
redhat
(RHSA-2020:0002) Important: rh-git218-git security update
2020-01-02 08:21:54
(RHSA-2019:4356) Important: git security update
2019-12-19 18:18:24
(RHSA-2020:0228) Important: git security update
2020-01-27 08:04:40
debian
debian
[SECURITY] [DLA 2059-1] git security update
2020-01-23 14:27:34
[SECURITY] [DSA 4581-1] git security update
2019-12-10 19:56:55
[SECURITY] [DSA 4581-1] git security update
2019-12-10 19:56:55
osv
osv
git - security update
2019-12-10 00:00:00
git - security update
2020-01-06 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libgit2-0.28.4-1.fc31
2019-12-17 01:46:03
[SECURITY] Fedora 30 Update: git-2.21.1-1.fc30
2020-01-04 22:16:13
[SECURITY] Fedora 31 Update: git-2.24.1-1.fc31
2019-12-18 01:56:26
oraclelinux
oraclelinux
git security update
2019-12-19 00:00:00
amazon
amazon
ubuntu
ubuntu
Git vulnerabilities
2019-12-10 00:00:00
cloudfoundry
cloudfoundry
USN-4220-1: Git vulnerabilities | Cloud Foundry
2019-12-18 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package git version 2.24.1-alt1
2019-12-08 00:00:00
Security fix for the ALT Linux 8 package git version 2.24.1-alt1
2019-12-12 00:00:00
suse
suse
Security update for git (important)
2020-01-29 00:00:00
Security update for git (moderate)
2020-05-02 00:00:00